Hello community,

here is the log from the commit of package iouyap for openSUSE:Factory checked 
in at 2014-12-03 22:50:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/iouyap (Old)
 and      /work/SRC/openSUSE:Factory/.iouyap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "iouyap"

Changes:
--------
--- /work/SRC/openSUSE:Factory/iouyap/iouyap.changes    2014-11-28 
08:48:24.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.iouyap.new/iouyap.changes       2014-12-03 
22:50:48.000000000 +0100
@@ -1,0 +2,29 @@
+Wed Dec  3 16:39:06 UTC 2014 - [email protected]
+
+- made sure we don't break Fedora
+
+-------------------------------------------------------------------
+Wed Dec  3 15:46:07 UTC 2014 - [email protected]
+
+- hook up to permission framework. bnc#904060
+
+-------------------------------------------------------------------
+Wed Dec  3 14:36:01 UTC 2014 - [email protected]
+
+- added pre script to add user iouyap and fix security audit boo# 904060
+- removed post script and pre-req for post scripts
+
+-------------------------------------------------------------------
+Wed Dec  3 14:14:59 UTC 2014 - [email protected]
+
+- moved iouyap from /usr/bin into /usr/lib (libexecdir)
+- set iouyap permissions to 0750 and root,iouyap 
+
+-------------------------------------------------------------------
+Wed Dec  3 10:58:42 UTC 2014 - [email protected]
+
+- added iouyap-0.95_buff_overflow.patch to fix buffer overflows 
+- added iouyap-0.95_log_error.patch to fix format specifiers in log_error 
calls 
+- added iouyap-0.95_fix_packet_mem_corruption.patch to fix mem corruption 
issues
+
+-------------------------------------------------------------------

New:
----
  iouyap-0.95_buff_overflow.patch
  iouyap-0.95_fix_packet_mem_corruption.patch
  iouyap-0.95_log_error.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ iouyap.spec ++++++
--- /var/tmp/diff_new_pack.0IbaZ7/_old  2014-12-03 22:50:50.000000000 +0100
+++ /var/tmp/diff_new_pack.0IbaZ7/_new  2014-12-03 22:50:50.000000000 +0100
@@ -24,17 +24,18 @@
 Group:          System/Emulators/Other
 Url:            https://github.com/GNS3/iouyap
 Source0:        %{name}-%{version}.tar.gz
+Patch0:         %{name}-0.95_buff_overflow.patch
+Patch1:         %{name}-0.95_log_error.patch
+Patch2:         %{name}-0.95_fix_packet_mem_corruption.patch
 BuildRequires:  bison
 BuildRequires:  flex
 BuildRequires:  gcc
 BuildRequires:  glibc-devel
 BuildRequires:  libiniparser-devel
 %if 0%{?suse_version}
-Requires(post):        libcap-progs
-%endif
-%if 0%{?fedora_version}
-Requires(post):        libcap
+Requires(pre): permissions
 %endif
+Requires(pre):  %{_sbindir}/groupadd
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -42,6 +43,9 @@
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 %build
 bison --yacc -dv netmap_parse.y
@@ -49,12 +53,26 @@
 gcc -Wall %optflags *.c -o %{name} -liniparser -lpthread
 
 %install
+%__mkdir_p %{buildroot}/%{_libexecdir}
 %__mkdir_p %{buildroot}/%{_bindir}
-%__mv %{name} %{buildroot}/%{_bindir}
+%__mv %{name} %{buildroot}/%{_libexecdir}
+ln -sf %{_libexecdir}/%{name} %{buildroot}/%{_bindir}/%{name}
+
+%pre
+%{_sbindir}/groupadd -r iouyap 2> /dev/null || :
+
+%if 0%{?suse_version}
+%post
+%set_permissions %{_libexecdir}/%{name}
+
+%verifyscript
+%verify_permissions -e %{_libexecdir}/%{name}
+%endif
 
 %files
 %defattr(-,root,root)
 %doc LICENSE README.md
+%verify(not caps) %attr(0750,root,iouyap) %{_libexecdir}/%{name}
 %{_bindir}/%{name}
 
 %changelog
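Review bot: The `%pre` scriptlet throws away both the output and the exit status of `groupadd` (`2> /dev/null || :`), so a real failure to create the group looks the same as "group already exists". The `%attr(0750,root,iouyap)` entry in `%files` then depends on a group that may not be there. Testing for the group first keeps the scriptlet idempotent without hiding errors: `getent group iouyap >/dev/null || %{_sbindir}/groupadd -r iouyap`. It is also worth a spec comment that `%post` and `%verifyscript` sit inside `%if 0%{?suse_version}`, so on Fedora nothing in this hunk applies capabilities to the relocated binary. With mode 0750, only root and members of `iouyap` can execute the target of the `%{_bindir}` symlink.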

++++++ iouyap-0.95_buff_overflow.patch ++++++
diff --git a/Makefile b/Makefile
index 21b6cce..bc8df5a 100644
--- a/Makefile
+++ b/Makefile
@@ -22,7 +22,7 @@ SHELL = /bin/sh
 
 srcdir = .
 
-CC = gcc #-O3
+CC = gcc -I . #-O3
 CDEBUG = -g -DDEBUG
 CFLAGS = $(CDEBUG) -Wall
 
diff --git a/config.c b/config.c
index 2ae6854..81351a5 100644
--- a/config.c
+++ b/config.c
@@ -27,12 +27,12 @@ extern short yap_appl_id;
 extern dictionary *yap_config;
 
 
-#define KEY_DEF(key, param) \
-  sprintf(key, "%s:%s", DEFAULT_SECTION, param)
-#define KEY_ID(key, param)  \
-  sprintf(key, "%d:%s", yap_appl_id, param)
-#define KEY_PORT(key, port, param) \
-  sprintf(key, "%d:%s:%s", yap_appl_id, port, param)
+#define KEY_DEF(key, n, param) \
+  snprintf(key, (n), "%s:%s", DEFAULT_SECTION, param)
+#define KEY_ID(key, n, param)  \
+  snprintf(key, (n), "%d:%s", yap_appl_id, param)
+#define KEY_PORT(key, n, port, param) \
+  snprintf(key, (n), "%d:%s:%s", yap_appl_id, port, param)
 
 
 int
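Review bot: The `KEY_*` macros now bound the write, but nothing checks snprintf's return value, so an over-long `port` or `param` is silently truncated and the lookup runs with a key that is only a prefix of the one requested. Every caller in the following config.c hunks (`ini_find_*`, `ini_getstr_*`, `ini_getint_*`, `ini_getbool_*`, `ini_getdouble_*`) shares this, as do the `snprintf (key, sizeof(key), ...)` calls in the iouyap.c hunks for `create_foreign_threads` and `main`. Because each macro expands to the snprintf call itself, a caller can reject truncation directly, e.g. `int n = KEY_PORT (key, sizeof(key), port, param); if (n < 0 || (size_t) n >= sizeof(key)) return 0;`. The `key` and `param` arguments should also be parenthesized in the expansions, as `(n)` already is.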
@@ -47,7 +47,7 @@ ini_find_default (char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_DEF (key, param);
+  KEY_DEF (key, sizeof(key), param);
   return ini_find (key);
 }
 
@@ -57,7 +57,7 @@ ini_find_id (char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_ID (key, param);
+  KEY_ID (key, sizeof(key), param);
   return ini_find (key);
 }
 
@@ -67,7 +67,7 @@ ini_find_port (char *port, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_PORT (key, port, param);
+  KEY_PORT (key, sizeof(key), port, param);
   return ini_find (key);
 }
 
@@ -88,7 +88,7 @@ ini_getstr_default (char **value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_DEF (key, param);
+  KEY_DEF (key, sizeof(key), param);
   if (ini_getstr (value, key))
     return 1;
   return 0;
@@ -100,7 +100,7 @@ ini_getstr_id (char **value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_ID (key, param);
+  KEY_ID (key, sizeof(key), param);
   if (ini_getstr (value, key))
     return 1;
   return ini_getstr_default (value, param);
@@ -112,7 +112,7 @@ ini_getstr_port (char **value, char *port, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_PORT (key, port, param);
+  KEY_PORT (key, sizeof(key), port, param);
   if (ini_getstr (value, key))
     return 1;
   return ini_getstr_id (value, param);
@@ -168,7 +168,7 @@ ini_getint_default (int *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_DEF (key, param);
+  KEY_DEF (key, sizeof(key), param);
   if (ini_getint (value, key))
     return 1;
   return 0;
@@ -180,7 +180,7 @@ ini_getint_id (int *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_ID (key, param);
+  KEY_ID (key, sizeof(key), param);
   if (ini_getint (value, key))
     return 1;
   return ini_getint_default (value, param);
@@ -192,7 +192,7 @@ ini_getint_port (int *value, char *port, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_PORT (key, port, param);
+  KEY_PORT (key, sizeof(key), port, param);
   if (ini_getint (value, key))
     return 1;
   return ini_getint_id (value, param);
@@ -248,7 +248,7 @@ ini_getbool_default (int *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_DEF (key, param);
+  KEY_DEF (key, sizeof(key), param);
   if (ini_getbool (value, key))
     return 1;
   return 0;
@@ -260,7 +260,7 @@ ini_getbool_id (int *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_ID (key, param);
+  KEY_ID (key, sizeof(key), param);
   if (ini_getbool (value, key))
     return 1;
   return ini_getbool_default (value, param);
@@ -272,7 +272,7 @@ ini_getbool_port (int *value, char *port, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_PORT (key, port, param);
+  KEY_PORT (key, sizeof(key), port, param);
   if (ini_getbool (value, key))
     return 1;
   return ini_getbool_id (value, param);
@@ -328,7 +328,7 @@ ini_getdouble_default (double *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_DEF (key, param);
+  KEY_DEF (key, sizeof(key), param);
   if (ini_getdouble (value, key))
     return 1;
   return 0;
@@ -340,7 +340,7 @@ ini_getdouble_id (double *value, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_ID (key, param);
+  KEY_ID (key, sizeof(key), param);
   if (ini_getdouble (value, key))
     return 1;
   return ini_getdouble_default (value, param);
@@ -352,7 +352,7 @@ ini_getdouble_port (double *value, char *port, char *param)
 {
   char key[MAX_KEY_SIZE];
 
-  KEY_PORT (key, port, param);
+  KEY_PORT (key, sizeof(key), port, param);
   if (ini_getdouble (value, key))
     return 1;
   return ini_getdouble_id (value, param);
diff --git a/iouyap.c b/iouyap.c
index f487d46..c15893d 100644
--- a/iouyap.c
+++ b/iouyap.c
@@ -179,7 +179,7 @@ lock_socket (const char *name)
 
   // We have the lock. Wipe out the file and put our PID in it.
   ftruncate (fd, 0);
-  pid_len = sprintf (pid, "%ld\n", (long) getpid ());
+  pid_len = snprintf (pid, sizeof(pid), "%ld\n", (long) getpid ());
   if (write (fd, pid, pid_len) == -1)
     {
       e = errno;
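Review bot: `pid_len` is still passed straight to `write (fd, pid, pid_len)`, and snprintf returns the length the output would have had, not the number of bytes actually stored. If `pid` (declared outside this hunk) is ever too small for the formatted PID, the overflow on the write side is gone but the `write` would read past the end of the buffer. Reject that case before the write, e.g. `if (pid_len < 0 || (size_t) pid_len >= sizeof(pid)) fatal_error ("pid buffer");`. The return value of `ftruncate` on the context line above is also ignored. The body of lock_socket extends beyond both ends of the hunk.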
@@ -1046,7 +1046,7 @@ open_iou_udp ()
   hints.ai_next = NULL;
 
   // TODO: allow binding to a specific IP address
-  sprintf (local_port, "%u", get_iou_udp_port (yap_appl_id));
+  snprintf (local_port, sizeof(local_port), "%u", get_iou_udp_port 
(yap_appl_id));
   if (getaddrinfo (NULL, local_port, &hints, &result) != 0)
     fatal_error ("getaddrinfo");
 
@@ -1215,8 +1215,8 @@ create_foreign_threads (pthread_attr_t * thread_attrs,
       port_table[i].pcap_fd = NO_FD;
 
       port = unpack_port (i);
-      sprintf (port_key, "%d/%d", port.bay, port.unit);
-      sprintf (key, "%d:%s", yap_appl_id, port_key);
+      snprintf (port_key, sizeof(port_key), "%d/%d", port.bay, port.unit);
+      snprintf (key, sizeof(key), "%d:%s", yap_appl_id, port_key);
 
       /* Don't bother if the section doesn't even exist */
       if (!ini_find (key))
@@ -1545,7 +1545,7 @@ main (int argc, char **argv)
           iniparser_set (yap_config, cmdline_node, NULL);
 
           /* Now create the key=value pair */
-          sprintf (key, "%s:%s", cmdline_node, cmdline_dev_type);
+          snprintf (key, sizeof(key), "%s:%s", cmdline_node, cmdline_dev_type);
           iniparser_set (yap_config, key, cmdline_dev);
 
           free (cmdline_node);
diff --git a/netmap_parse.y b/netmap_parse.y
index c8478cd..b6865a4 100644
--- a/netmap_parse.y
+++ b/netmap_parse.y
@@ -130,7 +130,7 @@ host
     | '@' ADDRESS               {
                                     struct hostent *host;
 
-                                    sprintf($$, "@%s", $2);
+                                    snprintf($$, sizeof(yyval.pval), "@%s", 
$2);
                                     host = gethostbyname ($2);
                                     if (host == NULL)
                                       {
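Review bot: The bound `sizeof(yyval.pval)` is only right if `pval` is declared as a character array in the parser's `%union`, which is outside this hunk. If it is a `char *`, sizeof yields the pointer size, so the bound no longer describes the storage `$$` refers to and the host string is cut to a few bytes. Please confirm the declaration and, if it is an array, use the same size constant the `%union` declaration uses rather than reaching into `yyval` from inside an action. The return value is not checked either, so an over-long ADDRESS is truncated silently while `gethostbyname ($2)` still resolves the full string, leaving `$$` and the lookup out of step.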
                                                                           
++++++ iouyap-0.95_fix_packet_mem_corruption.patch ++++++
diff --git a/iouyap.c b/iouyap.c
index c15893d..944331a 100644
--- a/iouyap.c
+++ b/iouyap.c
@@ -356,6 +356,9 @@ write_pcap_frame (int fd, const unsigned char *packet, 
size_t len,
   unsigned char buf[MAX_MTU + hdr_len];
   struct timeval ts;
 
+  if (caplen > MAX_MTU)
+     return -1;
+
   gettimeofday (&ts, 0);
   pcap_header.tv_sec = ts.tv_sec;
   pcap_header.tv_usec = ts.tv_usec;
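Review bot: The new guard bounds `caplen` only from above, and its declaration sits in the part of the signature that lies outside the hunk. If `caplen` is a signed type, a negative value passes `caplen > MAX_MTU` and would become a very large length wherever it is later used as a size; if it is unsigned the check is sufficient on that side. The guard also does not relate `caplen` to `len`, so a caller could request more captured bytes than `packet` holds. Adjusted to the actual type, something like `if (caplen > MAX_MTU || (size_t) caplen > len) return -1;` plus a `caplen < 0` test for a signed parameter would cover both. The function body continues past the end of the hunk.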
@@ -398,7 +401,7 @@ foreign_listener (void *arg)
       /* Put received bytes after the (absent) IOU header */
       bytes_received = read (port->sfd, &buf[IOU_HDR_SIZE], MAX_MTU);
 
-      if (bytes_received == -1)
+      if (bytes_received <= 0)
         {
           /* When tunneling, because our sends are asynchronous, we
            * can get errors here from ICMP packets for UDP packets we
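Review bot: Widening the test to `bytes_received <= 0` sends a zero return from `read` down the error path, but `read` does not set errno when it returns 0. In the `iou_listener` hunk that follows, the same change leads to `log_error ("read"); break;`, so a zero-length read would be reported with a stale errno and would end that listener loop. If these descriptors are datagram sockets (not visible here), a zero-length datagram is a valid read rather than end-of-file and should not stop the thread. Handling the cases separately avoids both problems, e.g. `if (bytes_received == 0) continue;` ahead of the original `== -1` test. The body of the error branch lies outside this hunk.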
@@ -513,7 +516,7 @@ iou_listener (void *arg)
     {
       /* This receives from an IOU instance */
       bytes_received = read (sfd, buf, IOU_HDR_SIZE + MAX_MTU);
-      if (bytes_received == -1)
+      if (bytes_received <= 0)
         {
           log_error ("read");
           break;
@@ -536,6 +539,9 @@ iou_listener (void *arg)
         debug_log_fmt ("received %zd bytes for port %d (sfd=%d)\n",
                        bytes_received, port, sfd);
 
+      if (bytes_received <= IOU_HDR_SIZE)
+          continue; 
+
       /* Send on the packet, minus the IOU header */
       bytes_received -= IOU_HDR_SIZE;
 
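Review bot: The length check is placed after the debug log, and the log_error patch in this same mail shows `port = buf[IOU_DST_PORT];` directly above that log, so header bytes are read from `buf` before it is known that a full header arrived. On a short read the port value is whatever an earlier iteration left in the buffer, or uninitialized on the first pass. Moving `if (bytes_received <= IOU_HDR_SIZE) continue;` to immediately after the `read` error test would keep every use of the header behind the check. A `debug_log_fmt` line for the dropped short frames would also help diagnosis. Whether `port` is used for anything other than the log before this point cannot be seen from the hunk.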

++++++ iouyap-0.95_log_error.patch ++++++
>From f332ffe898ad6ee1de5c2c992998ffd11f2e28c6 Mon Sep 17 00:00:00 2001
From: Jerry Seutter <[email protected]>
Date: Sat, 15 Nov 2014 11:58:25 -0700
Subject: [PATCH] Clean up format specifiers in log_error calls

---
 iouyap.c | 8 ++++----
 netmap.c | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/iouyap.c b/iouyap.c
index 3cb67d9..f487d46 100644
--- a/iouyap.c
+++ b/iouyap.c
@@ -417,7 +417,7 @@ foreign_listener (void *arg)
         }
 
       if (yap_verbose >= LOG_CRAZY)
-        debug_log_fmt ("received %d bytes (sfd=%d)\n",
+        debug_log_fmt ("received %zd bytes (sfd=%d)\n",
                        bytes_received, port->sfd);
 
 
@@ -455,7 +455,7 @@ foreign_listener (void *arg)
             {
               if (bytes_sent != -1)  /* no error, shouldn't happen */
                 {
-                  log_fmt ("sendto() only sent %d of %d bytes!"
+                  log_fmt ("sendto() only sent %zd of %zd bytes!"
                            " (sfd=%d)\n", bytes_sent,
                            bytes_received, port->sfd);
                   continue;
@@ -533,7 +533,7 @@ iou_listener (void *arg)
       port = buf[IOU_DST_PORT];
 
       if (yap_verbose >= LOG_CRAZY)
-        debug_log_fmt ("received %d bytes for port %d (sfd=%d)\n",
+        debug_log_fmt ("received %zd bytes for port %d (sfd=%d)\n",
                        bytes_received, port, sfd);
 
       /* Send on the packet, minus the IOU header */
@@ -560,7 +560,7 @@ iou_listener (void *arg)
         {
           if (bytes_sent != -1)  /* no error, shouldn't happen */
             {
-              log_fmt ("write() only sent %d of %d bytes! (sfd=%d)\n",
+              log_fmt ("write() only sent %zd of %zd bytes! (sfd=%d)\n",
                        bytes_sent, bytes_received, sfd);
               continue;
             }
diff --git a/netmap.c b/netmap.c
index 2233d87..bbdf257 100644
--- a/netmap.c
+++ b/netmap.c
@@ -369,7 +369,7 @@ dump_port_table (void)
         continue;
 
       our_port = unpack_port (i);
-      log_fmt ("%d:%d/%d talks to %d other node(s):\n", yap_appl_id,
+      log_fmt ("%d:%d/%d talks to %zd other node(s):\n", yap_appl_id,
                our_port.bay, our_port.unit,
                (port_table[i].segment->size - 1));
 
-- 