Control: tags -1 - moreinfo
On 14 July 2017 at 10:31, Adam D. Barratt <a...@adam-barratt.org.uk> wrote:
> Control: tags -1 + moreinfo
>
> On 2017-07-14 8:39, Arturo Borrero Gonzalez wrote:
>>
>> We have in stretch suricata 3.2.1-1 and I would like to cherry-pick a
>> patch [0]
>> in top of that. The patch has been backported from 3.2.3.
>>
>> The change to the package is rather simple, check this git branch [1] and
>> the
>> 2 small changes since tag debian/3.2.1-1.
>>
>> The package builds just fine. Would you like me to include debdiff?
>
>
> Always, please.
>
Ok, find it attached.
I named the new version 3.2.1-2 because by the time I wrote the
changelog entry didn't know
if the package was to follow security or stable-pu path.
Versioning suggestion is welcome.
> I see that unstable has a 4.0 beta - I assume that also includes the patch?
>
Unstable is a different thing. I'm working in another issues there,
regarding libhtp (see #783220).
So yes, the patch will eventually land in unstable, but it isn't my
focus right now.
I guess last upstream release includes the patch, but I'm not sure
because I didn't check.
diff -Nru suricata-3.2.1/debian/changelog suricata-3.2.1/debian/changelog
--- suricata-3.2.1/debian/changelog 2017-03-16 09:04:03.000000000 +0100
+++ suricata-3.2.1/debian/changelog 2017-07-14 09:01:03.000000000 +0200
@@ -1,3 +1,9 @@
+suricata (3.2.1-2) UNRELEASED; urgency=medium
+
+ * [c1260ec] suricata: add patch "asn1/der: limit recursion"
+
+ -- Arturo Borrero Gonzalez <art...@debian.org> Fri, 14 Jul 2017 09:01:03
+0200
+
suricata (3.2.1-1) unstable; urgency=medium
[ Arturo Borrero Gonzalez ]
diff -Nru suricata-3.2.1/debian/patches/0001-asn1-der-stack-overflow.patch
suricata-3.2.1/debian/patches/0001-asn1-der-stack-overflow.patch
--- suricata-3.2.1/debian/patches/0001-asn1-der-stack-overflow.patch
1970-01-01 01:00:00.000000000 +0100
+++ suricata-3.2.1/debian/patches/0001-asn1-der-stack-overflow.patch
2017-07-14 09:01:03.000000000 +0200
@@ -0,0 +1,29 @@
+From 53d8e2983162a99d1946ae27283ef1d1871fb5a1 Mon Sep 17 00:00:00 2001
+From: Victor Julien <vic...@inliniac.net>
+Date: Mon, 10 Jul 2017 10:15:54 +0200
+Subject: [PATCH] der/asn1: limit recursion
+
+Limit the number of recursive calls in the DER/ASN.1 decoder to avoid
+stack overflows.
+
+Found using AFL.
+---
+ src/util-decode-der.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/util-decode-der.c b/src/util-decode-der.c
+index d3fb3237f3..3153361d7b 100644
+--- a/src/util-decode-der.c
++++ b/src/util-decode-der.c
+@@ -139,6 +139,11 @@ static Asn1Generic * DecodeAsn1DerGeneric(const unsigned
char *buffer,
+ Asn1Generic *child;
+ uint8_t el_type;
+
++ /* refuse excessive recursion */
++ if (unlikely(depth == 255)) {
++ return NULL;
++ }
++
+ el.cls = (d_ptr[0] & 0xc0) >> 6;
+ el.pc = (d_ptr[0] & 0x20) >> 5;
+ el.tag = (d_ptr[0] & 0x1f);
diff -Nru suricata-3.2.1/debian/patches/series
suricata-3.2.1/debian/patches/series
--- suricata-3.2.1/debian/patches/series 2017-03-16 09:03:50.000000000
+0100
+++ suricata-3.2.1/debian/patches/series 2017-07-14 09:01:03.000000000
+0200
@@ -1,2 +1,3 @@
+0001-asn1-der-stack-overflow.patch
reproducible.patch
debian-default-cfg.patch
