Complete Yocto mirror with license table for TQMa6UL (2038-compliance)
- 264 license table entries with exact download URLs (224/264 resolved) - Complete sources/ directory with all BitBake recipes - Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl) - Full traceability for Softwarefreigabeantrag - GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4 - License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
@@ -0,0 +1,129 @@
|
||||
From b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Mon Sep 17 00:00:00 2001
|
||||
From: Guy Harris <gharris@sonic.net>
|
||||
Date: Tue, 12 Mar 2024 00:37:23 -0700
|
||||
Subject: [PATCH] ppp: use the buffer stack for the de-escaping buffer.
|
||||
|
||||
This both saves the buffer for freeing later and saves the packet
|
||||
pointer and snapend to be restored when packet processing is complete,
|
||||
even if an exception is thrown with longjmp.
|
||||
|
||||
This means that the hex/ASCII printing in pretty_print_packet()
|
||||
processes the packet data as captured or read from the savefile, rather
|
||||
than as modified by the PPP printer, so that the bounds checking is
|
||||
correct.
|
||||
|
||||
That fixes CVE-2024-2397, which was caused by an exception being thrown
|
||||
by the hex/ASCII printer (which should only happen if those routines are
|
||||
called by a packet printer, not if they're called for the -X/-x/-A
|
||||
flag), which jumps back to the setjmp() that surrounds the packet
|
||||
printer. Hilarity^Winfinite looping ensues.
|
||||
|
||||
Also, restore ndo->ndo_packetp before calling the hex/ASCII printing
|
||||
routine, in case nd_pop_all_packet_info() didn't restore it.
|
||||
|
||||
Upstream-Status: Backport [https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2]
|
||||
CVE: CVE-2024-2397
|
||||
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
|
||||
---
|
||||
print-ppp.c | 31 +++++++++++++++++--------------
|
||||
print.c | 8 ++++++--
|
||||
2 files changed, 23 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/print-ppp.c b/print-ppp.c
|
||||
index aba243d..e5ae064 100644
|
||||
--- a/print-ppp.c
|
||||
+++ b/print-ppp.c
|
||||
@@ -42,6 +42,8 @@
|
||||
#include <net/if_ppp.h>
|
||||
#endif
|
||||
|
||||
+#include <stdlib.h>
|
||||
+
|
||||
#include "netdissect.h"
|
||||
#include "extract.h"
|
||||
#include "addrtoname.h"
|
||||
@@ -1363,7 +1365,6 @@ ppp_hdlc(netdissect_options *ndo,
|
||||
u_char *b, *t, c;
|
||||
const u_char *s;
|
||||
u_int i, proto;
|
||||
- const void *sb, *se;
|
||||
|
||||
if (caplen == 0)
|
||||
return;
|
||||
@@ -1371,9 +1372,11 @@ ppp_hdlc(netdissect_options *ndo,
|
||||
if (length == 0)
|
||||
return;
|
||||
|
||||
- b = (u_char *)nd_malloc(ndo, caplen);
|
||||
- if (b == NULL)
|
||||
- return;
|
||||
+ b = (u_char *)malloc(caplen);
|
||||
+ if (b == NULL) {
|
||||
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
|
||||
+ "%s: malloc", __func__);
|
||||
+ }
|
||||
|
||||
/*
|
||||
* Unescape all the data into a temporary, private, buffer.
|
||||
@@ -1394,13 +1397,15 @@ ppp_hdlc(netdissect_options *ndo,
|
||||
}
|
||||
|
||||
/*
|
||||
- * Change the end pointer, so bounds checks work.
|
||||
- * Change the pointer to packet data to help debugging.
|
||||
+ * Switch to the output buffer for dissection, and save it
|
||||
+ * on the buffer stack so it can be freed; our caller must
|
||||
+ * pop it when done.
|
||||
*/
|
||||
- sb = ndo->ndo_packetp;
|
||||
- se = ndo->ndo_snapend;
|
||||
- ndo->ndo_packetp = b;
|
||||
- ndo->ndo_snapend = t;
|
||||
+ if (!nd_push_buffer(ndo, b, b, (u_int)(t - b))) {
|
||||
+ free(b);
|
||||
+ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
|
||||
+ "%s: can't push buffer on buffer stack", __func__);
|
||||
+ }
|
||||
length = ND_BYTES_AVAILABLE_AFTER(b);
|
||||
|
||||
/* now lets guess about the payload codepoint format */
|
||||
@@ -1442,13 +1447,11 @@ ppp_hdlc(netdissect_options *ndo,
|
||||
}
|
||||
|
||||
cleanup:
|
||||
- ndo->ndo_packetp = sb;
|
||||
- ndo->ndo_snapend = se;
|
||||
+ nd_pop_packet_info(ndo);
|
||||
return;
|
||||
|
||||
trunc:
|
||||
- ndo->ndo_packetp = sb;
|
||||
- ndo->ndo_snapend = se;
|
||||
+ nd_pop_packet_info(ndo);
|
||||
nd_print_trunc(ndo);
|
||||
}
|
||||
|
||||
diff --git a/print.c b/print.c
|
||||
index 9c0ab86..33706b9 100644
|
||||
--- a/print.c
|
||||
+++ b/print.c
|
||||
@@ -431,10 +431,14 @@ pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h,
|
||||
nd_pop_all_packet_info(ndo);
|
||||
|
||||
/*
|
||||
- * Restore the original snapend, as a printer might have
|
||||
- * changed it.
|
||||
+ * Restore the originals snapend and packetp, as a printer
|
||||
+ * might have changed them.
|
||||
+ *
|
||||
+ * XXX - nd_pop_all_packet_info() should have restored the
|
||||
+ * original values, but, just in case....
|
||||
*/
|
||||
ndo->ndo_snapend = sp + h->caplen;
|
||||
+ ndo->ndo_packetp = sp;
|
||||
if (ndo->ndo_Xflag) {
|
||||
/*
|
||||
* Print the raw packet data in hex and ASCII.
|
||||
--
|
||||
2.25.1
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
From 5f0f70192b0e20336e642b02ca9662ba2fef66cf Mon Sep 17 00:00:00 2001
|
||||
From: Yi Fan Yu <yifan.yu@windriver.com>
|
||||
Date: Fri, 19 Feb 2021 15:21:18 -0500
|
||||
Subject: [PATCH] Add ptest for tcpdump
|
||||
|
||||
Upstream-Status: Pending
|
||||
|
||||
Signed-off-by: Hongjun.Yang <hongjun.yang@windriver.com>
|
||||
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
|
||||
|
||||
remove perl script not required by ptest causing QA problems
|
||||
|
||||
reference upstream issue/commit:
|
||||
https://github.com/the-tcpdump-group/tcpdump/issues/26
|
||||
|
||||
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
|
||||
---
|
||||
Makefile.in | 11 ++++++++++-
|
||||
1 file changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Makefile.in b/Makefile.in
|
||||
index ea1ef1d0..e7987bd8 100644
|
||||
--- a/Makefile.in
|
||||
+++ b/Makefile.in
|
||||
@@ -445,9 +445,18 @@ distclean:
|
||||
tests/failure-outputs.txt
|
||||
rm -rf autom4te.cache tests/DIFF tests/NEW
|
||||
|
||||
-check: tcpdump
|
||||
+buildtest-TESTS: tcpdump
|
||||
+
|
||||
+runtest-PTEST:
|
||||
$(srcdir)/tests/TESTrun
|
||||
|
||||
+install-ptest:
|
||||
+ cp -r tests $(DESTDIR)
|
||||
+ rm $(DESTDIR)/tests/setkey2esp-secrets.pl
|
||||
+ cp -r config.h $(DESTDIR)
|
||||
+ install -m 0755 Makefile $(DESTDIR)
|
||||
+ ln -s /usr/bin/tcpdump $(DESTDIR)/tcpdump
|
||||
+
|
||||
extags: $(TAGFILES)
|
||||
ctags $(TAGFILES)
|
||||
|
||||
--
|
||||
2.29.2
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
#!/bin/sh
|
||||
make -k runtest-PTEST | sed -e '/: passed/ s/^/PASS: /g' \
|
||||
-e '/: TEST FAILED.*/ s/^/FAIL: /g' \
|
||||
-e 's/: passed//g' \
|
||||
-e 's/: TEST FAILED.*//g'
|
||||
@@ -0,0 +1,53 @@
|
||||
SUMMARY = "A sophisticated network protocol analyzer"
|
||||
HOMEPAGE = "http://www.tcpdump.org/"
|
||||
SECTION = "net"
|
||||
LICENSE = "BSD-3-Clause"
|
||||
LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453"
|
||||
|
||||
DEPENDS = "libpcap"
|
||||
|
||||
RDEPENDS:${PN}-ptest += " make perl \
|
||||
perl-module-file-basename \
|
||||
perl-module-file-spec \
|
||||
perl-module-file-spec-unix \
|
||||
perl-module-file-path \
|
||||
perl-module-file-glob \
|
||||
perl-module-data-dumper \
|
||||
perl-module-bytes \
|
||||
perl-module-posix \
|
||||
perl-module-carp \
|
||||
perl-module-cwd \
|
||||
perl-module-constant \
|
||||
"
|
||||
|
||||
SRC_URI = " \
|
||||
http://www.tcpdump.org/release/${BP}.tar.gz \
|
||||
file://add-ptest.patch \
|
||||
file://run-ptest \
|
||||
file://CVE-2024-2397.patch \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "0232231bb2f29d6bf2426e70a08a7e0c63a0d59a9b44863b7f5e2357a6e49fea"
|
||||
|
||||
UPSTREAM_CHECK_REGEX = "tcpdump-(?P<pver>\d+(\.\d+)+)\.tar"
|
||||
|
||||
inherit autotools-brokensep pkgconfig ptest
|
||||
|
||||
PACKAGECONFIG ?= "openssl"
|
||||
|
||||
PACKAGECONFIG[libcap-ng] = "--with-cap-ng,--without-cap-ng,libcap-ng"
|
||||
PACKAGECONFIG[openssl] = "--with-crypto,--without-crypto,openssl"
|
||||
PACKAGECONFIG[smi] = "--with-smi,--without-smi,libsmi"
|
||||
# Note: CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
|
||||
PACKAGECONFIG[smb] = "--enable-smb,--disable-smb"
|
||||
|
||||
EXTRA_AUTORECONF += "--exclude=aclocal"
|
||||
|
||||
do_install:append() {
|
||||
# make install installs an unneeded extra copy of the tcpdump binary
|
||||
rm ${D}${bindir}/tcpdump.${PV}
|
||||
}
|
||||
|
||||
do_compile_ptest() {
|
||||
oe_runmake buildtest-TESTS
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
SUMMARY = "tcpslice"
|
||||
DESCRIPTION = "A tool for extracting parts of a tcpdump packet trace."
|
||||
HOMEPAGE = "http://www.tcpdump.org/related.html"
|
||||
SECTION = "net"
|
||||
|
||||
LICENSE = "BSD-4-Clause"
|
||||
LIC_FILES_CHKSUM = "file://tcpslice.c;endline=20;md5=99519e2e5234d1662a4ce16baa62c64e"
|
||||
|
||||
SRC_URI = "http://www.tcpdump.org/release/${BP}.tar.gz \
|
||||
"
|
||||
SRC_URI[sha256sum] = "e513f0710c4ab45ec627e5df6f7b80d12e488146e1bd500c92247e20ca608903"
|
||||
|
||||
UPSTREAM_CHECK_REGEX = "tcpslice-(?P<pver>\d+(\.\d+)+)\.tar"
|
||||
|
||||
inherit autotools-brokensep pkgconfig
|
||||
|
||||
DEPENDS = "libpcap"
|
||||
|
||||
EXTRA_AUTORECONF += "--exclude=aclocal"
|
||||
|
||||
do_install () {
|
||||
install -d ${D}${sbindir}
|
||||
install -m 0755 tcpslice ${D}${sbindir}
|
||||
}
|
||||
Reference in New Issue
Block a user