summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam James <sam@gentoo.org>2020-11-07 01:44:47 +0000
committerSam James <sam@gentoo.org>2020-11-07 01:44:47 +0000
commit5ffa42e571f5f14a5a3400a8993a4b7745a852ef (patch)
tree80d09929b2568f7139960e4796d99a2e3ec5c8fc /net-analyzer/tcpdump
parentapp-misc/tmux: ppc64 stable (bug #753206) (diff)
downloadgentoo-5ffa42e571f5f14a5a3400a8993a4b7745a852ef.tar.gz
gentoo-5ffa42e571f5f14a5a3400a8993a4b7745a852ef.tar.bz2
gentoo-5ffa42e571f5f14a5a3400a8993a4b7745a852ef.zip
net-analyzer/tcpdump: patch CVE-2020-8037
Note that CVE-2020-8036 is already fixed in the version of 4.10.x packaged in Gentoo and 4.9.x is unaffected (the relevant functionality simply did not exist). Bug: https://bugs.gentoo.org/753146 Package-Manager: Portage-3.0.8, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-analyzer/tcpdump')
-rw-r--r--net-analyzer/tcpdump/files/tcpdump-4.9.3-CVE-2020-8037.patch63
-rw-r--r--net-analyzer/tcpdump/tcpdump-4.10.0_rc1-r1.ebuild22
-rw-r--r--net-analyzer/tcpdump/tcpdump-4.9.3-r4.ebuild86
3 files changed, 157 insertions, 14 deletions
diff --git a/net-analyzer/tcpdump/files/tcpdump-4.9.3-CVE-2020-8037.patch b/net-analyzer/tcpdump/files/tcpdump-4.9.3-CVE-2020-8037.patch
new file mode 100644
index 000000000000..2852845eb748
--- /dev/null
+++ b/net-analyzer/tcpdump/files/tcpdump-4.9.3-CVE-2020-8037.patch
@@ -0,0 +1,63 @@
+From 32027e199368dad9508965aae8cd8de5b6ab5231 Mon Sep 17 00:00:00 2001
+From: Guy Harris <guy@alum.mit.edu>
+Date: Sat, 18 Apr 2020 14:04:59 -0700
+Subject: [PATCH] PPP: When un-escaping, don't allocate a too-large buffer.
+
+The buffer should be big enough to hold the captured data, but it
+doesn't need to be big enough to hold the entire on-the-network packet,
+if we haven't captured all of it.
+
+(backported from commit e4add0b010ed6f2180dcb05a13026242ed935334)
+---
+ print-ppp.c | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/print-ppp.c b/print-ppp.c
+index 891761728..33fb03412 100644
+--- a/print-ppp.c
++++ b/print-ppp.c
+@@ -1367,19 +1367,29 @@ print_bacp_config_options(netdissect_options *ndo,
+ return 0;
+ }
+
++/*
++ * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
++ * The length argument is the on-the-wire length, not the captured
++ * length; we can only un-escape the captured part.
++ */
+ static void
+ ppp_hdlc(netdissect_options *ndo,
+ const u_char *p, int length)
+ {
++ u_int caplen = ndo->ndo_snapend - p;
+ u_char *b, *t, c;
+ const u_char *s;
+- int i, proto;
++ u_int i;
++ int proto;
+ const void *se;
+
++ if (caplen == 0)
++ return;
++
+ if (length <= 0)
+ return;
+
+- b = (u_char *)malloc(length);
++ b = (u_char *)malloc(caplen);
+ if (b == NULL)
+ return;
+
+@@ -1388,10 +1398,10 @@ ppp_hdlc(netdissect_options *ndo,
+ * Do this so that we dont overwrite the original packet
+ * contents.
+ */
+- for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
++ for (s = p, t = b, i = caplen; i != 0; i--) {
+ c = *s++;
+ if (c == 0x7d) {
+- if (i <= 1 || !ND_TTEST(*s))
++ if (i <= 1)
+ break;
+ i--;
+ c = *s++ ^ 0x20;
diff --git a/net-analyzer/tcpdump/tcpdump-4.10.0_rc1-r1.ebuild b/net-analyzer/tcpdump/tcpdump-4.10.0_rc1-r1.ebuild
index aa6aa458165d..3133cb51eca1 100644
--- a/net-analyzer/tcpdump/tcpdump-4.10.0_rc1-r1.ebuild
+++ b/net-analyzer/tcpdump/tcpdump-4.10.0_rc1-r1.ebuild
@@ -5,21 +5,20 @@ EAPI=7
inherit autotools
DESCRIPTION="A Tool for network monitoring and data acquisition"
-HOMEPAGE="
- https://www.tcpdump.org/
- https://github.com/the-tcpdump-group/tcpdump
-"
-LICENSE="BSD"
-SRC_URI="
- https://github.com/the-tcpdump-group/${PN}/archive/${P/_}.tar.gz
-"
+HOMEPAGE="https://www.tcpdump.org/ https://github.com/the-tcpdump-group/tcpdump"
+SRC_URI="https://github.com/the-tcpdump-group/${PN}/archive/${P/_}.tar.gz"
+S="${WORKDIR}/${PN}-${P/_}"
+LICENSE="BSD"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
IUSE="+drop-root libressl +smi +ssl +samba suid test"
RESTRICT="!test? ( test )"
REQUIRED_USE="test? ( samba )"
+BDEPEND="
+ drop-root? ( virtual/pkgconfig )
+"
RDEPEND="
net-libs/libpcap
drop-root? (
@@ -37,9 +36,6 @@ RDEPEND="
acct-user/pcap
)
"
-BDEPEND="
- drop-root? ( virtual/pkgconfig )
-"
DEPEND="
${RDEPEND}
test? (
@@ -50,11 +46,9 @@ DEPEND="
PATCHES=(
"${FILESDIR}"/${PN}-9999-libdir.patch
)
-S=${WORKDIR}/${PN}-${P/_}
src_prepare() {
default
-
eautoreconf
}
@@ -90,5 +84,5 @@ src_install() {
}
pkg_postinst() {
- use suid && elog "To let normal users run tcpdump add them to the pcap group."
+ use suid && elog "To let normal users run tcpdump, add them to the pcap group."
}
diff --git a/net-analyzer/tcpdump/tcpdump-4.9.3-r4.ebuild b/net-analyzer/tcpdump/tcpdump-4.9.3-r4.ebuild
new file mode 100644
index 000000000000..bfd5bf492128
--- /dev/null
+++ b/net-analyzer/tcpdump/tcpdump-4.9.3-r4.ebuild
@@ -0,0 +1,86 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+DESCRIPTION="A Tool for network monitoring and data acquisition"
+HOMEPAGE="https://www.tcpdump.org/ https://github.com/the-tcpdump-group/tcpdump"
+SRC_URI="https://www.tcpdump.org/release/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+drop-root libressl smi ssl samba suid test"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+ net-libs/libpcap
+ drop-root? (
+ acct-group/pcap
+ acct-user/pcap
+ sys-libs/libcap-ng
+ )
+ smi? ( net-libs/libsmi )
+ ssl? (
+ !libressl? ( >=dev-libs/openssl-0.9.6m:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ suid? (
+ acct-group/pcap
+ acct-user/pcap
+ )
+"
+DEPEND="
+ ${RDEPEND}
+ test? (
+ >=net-libs/libpcap-1.9.1
+ dev-lang/perl
+ )
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-9999-libdir.patch
+ "${FILESDIR}"/${PN}-4.9.3-CVE-2020-8037.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ $(use_enable samba smb) \
+ $(use_with drop-root cap-ng) \
+ $(use_with drop-root chroot '') \
+ $(use_with smi) \
+ $(use_with ssl crypto "${ESYSROOT}/usr") \
+ $(usex drop-root "--with-user=pcap" "")
+}
+
+src_test() {
+ if [[ ${EUID} -ne 0 ]] || ! use drop-root; then
+ emake check
+ else
+ ewarn "If you want to run the test suite, make sure you either"
+ ewarn "set FEATURES=userpriv or set USE=-drop-root"
+ fi
+}
+
+src_install() {
+ dosbin tcpdump
+ doman tcpdump.1
+ dodoc *.awk
+ dodoc CHANGES CREDITS README.md
+
+ if use suid; then
+ fowners root:pcap /usr/sbin/tcpdump
+ fperms 4110 /usr/sbin/tcpdump
+ fi
+}
+
+pkg_postinst() {
+ use suid && elog "To let normal users run tcpdump, add them to the pcap group."
+}