diff options
| author | tron <tron> | 2011-01-04 15:39:34 +0000 |
|---|---|---|
| committer | tron <tron> | 2011-01-04 15:39:34 +0000 |
| commit | 2b45825fdcbb67b3aafd9fdb33a0a898f10f3c48 (patch) | |
| tree | 7f76ba63e656041c6aa8ada0cbe58598ed4d5887 /net | |
| parent | 88056e62f10bcd0b6a247d3f8d3b02fc13d8d6ab (diff) | |
| download | pkgsrc-2b45825fdcbb67b3aafd9fdb33a0a898f10f3c48.tar.gz | |
Add patch from the Wireshark SVN repository to fix the security
vulnerability reported in SA42767 which affects the ENTTEC dissector.
Diffstat (limited to 'net')
| -rw-r--r-- | net/wireshark/Makefile | 3 | ||||
| -rw-r--r-- | net/wireshark/distinfo | 3 | ||||
| -rw-r--r-- | net/wireshark/patches/patch-SA42767 | 43 |
3 files changed, 47 insertions, 2 deletions
diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile index 087de5b8be1..445dcbcffa7 100644 --- a/net/wireshark/Makefile +++ b/net/wireshark/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.55 2010/11/21 22:54:55 tron Exp $ +# $NetBSD: Makefile,v 1.56 2011/01/04 15:39:34 tron Exp $ DISTNAME= wireshark-1.4.2 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.wireshark.org/download/src/ \ ${MASTER_SITE_SOURCEFORGE:=wireshark/} diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo index f48f3bb3a09..aabb599447a 100644 --- a/net/wireshark/distinfo +++ b/net/wireshark/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.37 2010/11/21 22:54:55 tron Exp $ +$NetBSD: distinfo,v 1.38 2011/01/04 15:39:34 tron Exp $ SHA1 (wireshark-1.4.2.tar.bz2) = 03eb2bcd1de93fd0b45d6f1346e97d5f03a47c3e RMD160 (wireshark-1.4.2.tar.bz2) = 5f0c1a9c52347782fcdcd6c11e24d21cfe89f7e2 Size (wireshark-1.4.2.tar.bz2) = 20208792 bytes +SHA1 (patch-SA42767) = e890fc4cda7a0b481950a3a89272714d5c6521b1 SHA1 (patch-aa) = d0744f069ac2d3a8a43b810e1f958360d99200a9 SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840 diff --git a/net/wireshark/patches/patch-SA42767 b/net/wireshark/patches/patch-SA42767 new file mode 100644 index 00000000000..d5356f8695f --- /dev/null +++ b/net/wireshark/patches/patch-SA42767 @@ -0,0 +1,43 @@ +$NetBSD: patch-SA42767,v 1.1 2011/01/04 15:39:34 tron Exp $ + +Patch for security vulnerability reported in SA42767. + +The patch was taken from the Wireshark SVN repository: + +http://anonsvn.wireshark.org/viewvc?view=rev&revision=35318 + +--- epan/dissectors/packet-enttec.c.orig 2010-11-18 21:30:35.000000000 +0000 ++++ epan/dissectors/packet-enttec.c 2011-01-04 14:30:58.000000000 +0000 +@@ -193,8 +193,8 @@ + "%3u: %s" + }; + +- static guint8 dmx_data[512]; +- static guint16 dmx_data_offset[513]; /* 1 extra for last offset */ ++ guint8 *dmx_data = ep_alloc(512 * sizeof(guint8)); ++ guint16 *dmx_data_offset = ep_alloc(513 * sizeof(guint16)); /* 1 extra for last offset */ + emem_strbuf_t *dmx_epstr; + + proto_tree *hi,*si; +@@ -225,10 +225,10 @@ + length = 512; + + if (type == ENTTEC_DATA_TYPE_RLE) { +- /* uncompres the DMX data */ ++ /* uncompress the DMX data */ + ui = 0; + ci = 0; +- while (ci < length) { ++ while (ci < length && ui < 512) { + v = tvb_get_guint8(tvb, offset+ci); + if (v == 0xFE) { + ci++; +@@ -236,7 +236,7 @@ + ci++; + v = tvb_get_guint8(tvb, offset+ci); + ci++; +- for (i=0;i < count;i++) { ++ for (i=0;i < count && ui < 512;i++) { + dmx_data[ui] = v; + dmx_data_offset[ui] = ci-3; + ui++; |