Hi, I'd like to upload the following update for libpcap in squeeze, it addresses two bugs: - #612803: device detection is broken if the bonding module is loaded because it creates an extra file in /sys/class/net, the upstream fix is used verbatim. - #623868 (aka CVE-2011-1935): a security issue that was not serious enough to warrant a DSA. The patch is the result of several upstream commits that were backported to libpcap 1.1.1.
Thanks! changelog | 9 +++ patches/45_bonding.diff | 24 ++++++++++ patches/46_tpacket_alignment.diff | 88 ++++++++++++++++++++++++++++++++++++++ patches/series | 2 4 files changed, 123 insertions(+)
diff -Nru libpcap-1.1.1/debian/changelog libpcap-1.1.1/debian/changelog
--- libpcap-1.1.1/debian/changelog 2010-04-06 21:38:44.000000000 +0200
+++ libpcap-1.1.1/debian/changelog 2011-07-10 19:26:04.000000000 +0200
@@ -1,3 +1,12 @@
+libpcap (1.1.1-2+squeeze1) stable; urgency=low
+
+ * Backport changes from upstream to fix corruption of snapshot length on
+ live captures (CVE-2011-1935) (closes: #623868).
+ * Backport fix from upstream to fix device detection when the bonding
+ module is loaded (closes: #612803).
+
+ -- Romain Francoise <[email protected]> Sun, 10 Jul 2011 19:26:04 +0200
+
 libpcap (1.1.1-2) unstable; urgency=low
 
 * debian/patches/50_kfreebsd.diff: Fix configure script to properly
diff -Nru libpcap-1.1.1/debian/patches/45_bonding.diff libpcap-1.1.1/debian/patches/45_bonding.diff
--- libpcap-1.1.1/debian/patches/45_bonding.diff 1970-01-01 01:00:00.000000000 +0100
+++ libpcap-1.1.1/debian/patches/45_bonding.diff 2011-07-10 19:22:56.000000000 +0200
@@ -0,0 +1,24 @@
+commit 073a8b37f97b684a34d29800400879e4e902ff63
+Author: andy-1 <[email protected]>
+Date: Tue Apr 27 23:33:23 2010 -0700
+
+ Ignore /sys/net/dev files if we get ENODEV for them, not just ENXIO.
+
+ Both of them are indications that there's no such interface, so the file
+ probably corresponds to something other than a device.
+
+ Reviewed-By: Guy Harris <[email protected]>
+
+diff --git a/pcap-linux.c b/pcap-linux.c
+index af12543..de3239a 100644
+--- a/pcap-linux.c
++++ b/pcap-linux.c
+@@ -1883,7 +1883,7 @@ scan_sys_class_net(pcap_if_t **devlistp, char *errbuf)
+ */
+ strncpy(ifrflags.ifr_name, name, sizeof(ifrflags.ifr_name));
+ if (ioctl(fd, SIOCGIFFLAGS, (char *)&ifrflags) < 0) {
+- if (errno == ENXIO)
++ if (errno == ENXIO || errno == ENODEV)
+ continue;
+ (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
+ "SIOCGIFFLAGS: %.*s: %s",
diff -Nru libpcap-1.1.1/debian/patches/46_tpacket_alignment.diff libpcap-1.1.1/debian/patches/46_tpacket_alignment.diff
--- libpcap-1.1.1/debian/patches/46_tpacket_alignment.diff 1970-01-01 01:00:00.000000000 +0100
+++ libpcap-1.1.1/debian/patches/46_tpacket_alignment.diff 2011-07-10 19:22:12.000000000 +0200
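Review bot: In the scan_sys_class_net hunk of 45_bonding.diff, the context line `strncpy(ifrflags.ifr_name, name, sizeof(ifrflags.ifr_name));` leaves `ifr_name` without a terminating NUL when `name` is as long as the buffer or longer, and this change rests on the fact that /sys/class/net can hold entries that are not interface names. The function body starts outside the hunk, so it is not visible whether the entry length is bounded earlier; if it is not, the simplest fix is to skip over-long entries before the ioctl, or to copy with `sizeof(ifrflags.ifr_name) - 1` and then set `ifrflags.ifr_name[sizeof(ifrflags.ifr_name) - 1] = '\0';`. The comment that ends just above the strncpy is cut off by the hunk; if it names only ENXIO as the "not a device" case, it should mention ENODEV as well.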
@@ -0,0 +1,88 @@
+From cc4298babe767e394dc673c87ef3dbabe3fdb7c9 Mon Sep 17 00:00:00 2001
+From: Julien Moutinho <[email protected]>
+Date: Tue, 22 Mar 2011 23:53:15 -0700
+Subject: [PATCH] Fix the calculation of the frame size in memory-mapped
+ captures.
+
+The old calculation truncated packets to a smaller value than the
+snapshot length.
+---
+ pcap-linux.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 58 insertions(+), 3 deletions(-)
+
+--- a/pcap-linux.c
++++ b/pcap-linux.c
+@@ -3057,15 +3057,70 @@
+ {
+ unsigned i, j, frames_per_block;
+ struct tpacket_req req;
++ socklen_t len;
++ unsigned int sk_type, tp_reserve, maclen, tp_hdrlen, netoff, macoff;
+ 
+ /* Note that with large snapshot (say 64K) only a few frames
+ * will be available in the ring even with pretty large ring size
+ * (and a lot of memory will be unused).
+ * The snap len should be carefully chosen to achive best
+ * performance */
+- req.tp_frame_size = TPACKET_ALIGN(handle->snapshot +
+- TPACKET_ALIGN(handle->md.tp_hdrlen) +
+- sizeof(struct sockaddr_ll));
++
++ /* NOTE: calculus matching those in tpacket_rcv()
++ * in linux-2.6/net/packet/af_packet.c
++ */
++ len = sizeof(sk_type);
++ if (getsockopt(handle->fd, SOL_SOCKET, SO_TYPE, &sk_type, &len) < 0) {
++ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "getsockopt: %s", pcap_strerror(errno));
++ return -1;
++ }
++#ifdef PACKET_RESERVE
++ len = sizeof(tp_reserve);
++ if (getsockopt(handle->fd, SOL_PACKET, PACKET_RESERVE, &tp_reserve, &len) < 0) {
++ if (errno != ENOPROTOOPT) {
++ /*
++ * ENOPROTOOPT means "kernel doesn't support
++ * PACKET_RESERVE", in which case we fall back
++ * as best we can.
++ */
++ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "getsockopt: %s", pcap_strerror(errno));
++ return -1;
++ }
++ tp_reserve = 0; /* older kernel, reserve not supported */
++ }
++#else
++ tp_reserve = 0;
++#endif
++ maclen = (sk_type == SOCK_DGRAM) ? 0 : MAX_LINKHEADER_SIZE;
++ /* XXX: in the kernel maclen is calculated from
++ * LL_ALLOCATED_SPACE(dev) and vnet_hdr.hdr_len
++ * in: packet_snd() in linux-2.6/net/packet/af_packet.c
++ * then packet_alloc_skb() in linux-2.6/net/packet/af_packet.c
++ * then sock_alloc_send_pskb() in linux-2.6/net/core/sock.c
++ * but I see no way to get those sizes in userspace,
++ * like for instance with an ifreq ioctl();
++ * the best thing I've found so far is MAX_HEADER in the kernel
++ * part of linux-2.6/include/linux/netdevice.h
++ * which goes up to 128+48=176; since pcap-linux.c defines
++ * a MAX_LINKHEADER_SIZE of 256 which is greater than that,
++ * let's use it.. maybe is it even large enough to directly
++ * replace macoff..
++ */
++ tp_hdrlen = TPACKET_ALIGN(handle->md.tp_hdrlen) + sizeof(struct sockaddr_ll) ;
++ netoff = TPACKET_ALIGN(tp_hdrlen + (maclen < 16 ? 16 : maclen)) + tp_reserve;
++ /* NOTE: AFAICS tp_reserve may break the TPACKET_ALIGN of
++ * netoff, which contradicts
++ * linux-2.6/Documentation/networking/packet_mmap.txt
++ * documenting that:
++ * "- Gap, chosen so that packet data (Start+tp_net)
++ * aligns to TPACKET_ALIGNMENT=16"
++ */
++ /* NOTE: in linux-2.6/include/linux/skbuff.h:
++ * "CPUs often take a performance hit
++ * when accessing unaligned memory locations"
++ */
++ macoff = netoff - maclen;
++ req.tp_frame_size = TPACKET_ALIGN(macoff + handle->snapshot);
+ req.tp_frame_nr = handle->opt.buffer_size/req.tp_frame_size;
+ 
+ /* compute the minumum block size that will handle this frame.
diff -Nru libpcap-1.1.1/debian/patches/series libpcap-1.1.1/debian/patches/series
--- libpcap-1.1.1/debian/patches/series 2010-04-06 19:11:56.000000000 +0200
+++ libpcap-1.1.1/debian/patches/series 2011-07-10 19:27:35.000000000 +0200
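Review bot: In the frame-size hunk of 46_tpacket_alignment.diff, `req.tp_frame_size = TPACKET_ALIGN(macoff + handle->snapshot);` is evaluated in unsigned arithmetic with no range check on `handle->snapshot`, and the context line right after it divides `handle->opt.buffer_size` by the result. A negative or very large snapshot length would wrap the sum, giving a frame smaller than the snapshot or, in the worst case, a zero divisor; whether the snapshot is bounded before this code runs is not visible, because the function starts and ends outside the hunk. A check directly after the assignment covers both cases: `if (req.tp_frame_size < (unsigned int)handle->snapshot)`, then fill `handle->errbuf` and `return -1`. Separately, the two getsockopt failure paths both report the identical text "getsockopt: %s"; naming the option (SO_TYPE, PACKET_RESERVE) in each message would tell them apart in a bug report.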
@@ -2,5 +2,7 @@
 15_linker_script.diff
 30_man_fixes.diff
 40_fix_bus_usb_path.diff
+45_bonding.diff
+46_tpacket_alignment.diff
 50_kfreebsd.diff
 50_autotools-dev.diff

-- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

