Hello community, here is the log from the commit of package tcpreplay for openSUSE:Factory checked in at 2017-03-20 17:09:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tcpreplay (Old) and /work/SRC/openSUSE:Factory/.tcpreplay.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tcpreplay" Mon Mar 20 17:09:00 2017 rev:3 rq:479994 version:4.1.2 Changes: -------- --- /work/SRC/openSUSE:Factory/tcpreplay/tcpreplay.changes 2016-11-22 18:59:16.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.tcpreplay.new/tcpreplay.changes 2017-03-20 17:09:00.814523198 +0100 @@ -1,0 +2,7 @@ +Thu Mar 16 10:29:56 UTC 2017 - [email protected] + +- 278-fail-if-capture-has-a-packet-that-is-too-large.patch: + buffer overflow in tcpcapinfo utility triggered by too large + packet (CVE-2017-6429 bsc#1028234) + +------------------------------------------------------------------- New: ---- 278-fail-if-capture-has-a-packet-that-is-too-large.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tcpreplay.spec ++++++ --- /var/tmp/diff_new_pack.u4M7qQ/_old 2017-03-20 17:09:01.474430020 +0100 +++ /var/tmp/diff_new_pack.u4M7qQ/_new 2017-03-20 17:09:01.478429455 +0100 @@ -1,7 +1,7 @@ # # spec file for package tcpreplay # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,7 @@ Source0: https://github.com/appneta/tcpreplay/releases/download/v%{version}/%{name}-%{version}.tar.gz Source1: https://github.com/appneta/tcpreplay/releases/download/v%{version}/%{name}-%{version}.tar.gz.asc Source2: %{name}.keyring +Patch1: 278-fail-if-capture-has-a-packet-that-is-too-large.patch BuildRequires: libdnet-devel BuildRequires: libpcap-devel BuildRequires: tcpdump @@ -45,6 +46,7 @@ %prep %setup -q +%patch1 -p1 %build %configure \ ++++++ 278-fail-if-capture-has-a-packet-that-is-too-large.patch ++++++ From: Fred Klassen <[email protected]> Date: Sun, 26 Feb 2017 20:45:59 -0800 Subject: * #278 fail if capture has a packet that is too large Patch-mainline: v4.2.0-beta1 Git-commit: d689d14dbcd768c028eab2fb378d849e543dcfe9 References: CVE-2017-6429 bsc#1028234 * Update CHANGELOG --- src/tcpcapinfo.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/tcpcapinfo.c b/src/tcpcapinfo.c index 775f1625b00f..96928820fe94 100644 --- a/src/tcpcapinfo.c +++ b/src/tcpcapinfo.c @@ -281,6 +281,15 @@ main(int argc, char *argv[]) caplen = pcap_ph.caplen; } + if (caplentoobig) { + printf("\n\nCapture file appears to be damaged or corrupt.\n" + "Contains packet of size %u, bigger than snap length %u\n", + caplen, pcap_fh.snaplen); + + close(fd); + break; + } + /* check to make sure timestamps don't go backwards */ if (last_sec > 0 && last_usec > 0) { if ((pcap_ph.ts.tv_sec == last_sec) ? @@ -306,7 +315,7 @@ main(int argc, char *argv[]) } close(fd); - continue; + break; } /* print the frame checksum */ -- 2.12.0
