From 52a3bbcd0ea7b8675ea6a4a11ccc823efcef85d7 Mon Sep 17 00:00:00 2001 From: salo Date: Sun, 12 Jun 2005 15:38:32 +0000 Subject: Security fix for DoS in BGP packets' processing. Patch from tcpdump cvs. --- net/tcpdump/Makefile | 4 ++-- net/tcpdump/distinfo | 4 ++-- net/tcpdump/patches/patch-ac | 21 +++++++++++++++++---- 3 files changed, 21 insertions(+), 8 deletions(-) (limited to 'net/tcpdump') diff --git a/net/tcpdump/Makefile b/net/tcpdump/Makefile index baa951d5807..914d64034cd 100644 --- a/net/tcpdump/Makefile +++ b/net/tcpdump/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.15 2005/05/28 14:15:23 adrianp Exp $ +# $NetBSD: Makefile,v 1.16 2005/06/12 15:38:32 salo Exp $ DISTNAME= tcpdump-3.8.3 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= net MASTER_SITES= http://www.tcpdump.org/release/ diff --git a/net/tcpdump/distinfo b/net/tcpdump/distinfo index 0eedbb2d0b1..7c3bb29165a 100644 --- a/net/tcpdump/distinfo +++ b/net/tcpdump/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.8 2005/05/28 14:15:23 adrianp Exp $ +$NetBSD: distinfo,v 1.9 2005/06/12 15:38:32 salo Exp $ SHA1 (tcpdump-3.8.3.tar.gz) = 7ae3c29fe843fc23ae89acd8b1b1e513213f6042 RMD160 (tcpdump-3.8.3.tar.gz) = 585c1ad9a93a8329b1d60057dd334e7b1a88097c Size (tcpdump-3.8.3.tar.gz) = 567116 bytes SHA1 (patch-aa) = d70302c6fa68d0d170fa5c22ce0a348bdf0233be SHA1 (patch-ab) = 628f0ecf34a7c9a5c17000b234360f7846c07847 -SHA1 (patch-ac) = 7dd47ee3ebaeba29c78bed66242739f0ded4a7f1 +SHA1 (patch-ac) = 94a334a86cd42e247e1270e74cc049b908db751a SHA1 (patch-ad) = 2229b6cf3af0b30bc612e3dca796f01d8e8bae90 SHA1 (patch-ae) = 9c3b318668c3558a9cee3ce90fe7ac17fd748de5 SHA1 (patch-af) = c0c0ce4a3a3eda013fea164ed173181b271ad6b1 diff --git a/net/tcpdump/patches/patch-ac b/net/tcpdump/patches/patch-ac index 1765e75e9e2..b336c701c39 100644 --- a/net/tcpdump/patches/patch-ac +++ b/net/tcpdump/patches/patch-ac @@ -1,8 +1,8 @@ -$NetBSD: patch-ac,v 1.1 2005/05/28 14:15:23 adrianp Exp $ +$NetBSD: patch-ac,v 1.2 2005/06/12 15:38:32 salo Exp $ ---- print-bgp.c.orig 2005-05-06 09:08:17.000000000 +0100 -+++ print-bgp.c -@@ -1216,6 +1216,8 @@ bgp_attr_print(const struct bgp_attr *at +--- print-bgp.c.orig 2004-03-24 01:04:04.000000000 +0100 ++++ print-bgp.c 2005-06-12 17:22:17.000000000 +0200 +@@ -1216,6 +1216,8 @@ tptr = pptr + len; break; } @@ -11,3 +11,16 @@ $NetBSD: patch-ac,v 1.1 2005/05/28 14:15:23 adrianp Exp $ tptr += advance; } break; +@@ -1646,9 +1648,10 @@ + while (dat + length > p) { + char buf[MAXHOSTNAMELEN + 100]; + i = decode_prefix4(p, buf, sizeof(buf)); +- if (i == -1) ++ if (i == -1) { + printf("\n\t (illegal prefix length)"); +- else if (i == -2) ++ break; ++ } else if (i == -2) + goto trunc; + else { + printf("\n\t %s", buf); -- cgit v1.2.3