Package: net-tools Version: 1.60-17 Severity: normal Tags: patch
The 'netstat' command has an option for showing PID/programs owning a socket. On a long running kernel, the socket number can overflow the strtol check. See netstat.c code, the relevant functions are extract_type_1_socket_inode and extract_type_2_socket_inode. I've attached a dpatch file, together with what is needed to rebuild a patched net-tools package. Regards, Antonio Galea -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.26-1-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages net-tools depends on: ii libc6 2.3.5-6 GNU C Library: Shared libraries an -- no debconf information
01-socket-overflow.dpatch
01-socket-overflow.dpatch
Description: application/shellscript
#!/usr/bin/make -f # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 # This is the debhelper compatability version to use. export DH_COMPAT=1 configure: configure-stamp configure-stamp: patch dh_testdir touch configure-stamp patch: dpatch apply-all build: configure-stamp build-stamp build-stamp: dh_testdir cp debian/config.h config.h cp debian/config.make config.make $(MAKE) touch build-stamp clean: clean-patched unpatch clean-patched: dh_testdir dh_testroot rm -f build-stamp configure-stamp -$(MAKE) clobber dh_clean unpatch: dpatch deapply-all rm -rf debian/patched install: build dh_testdir dh_testroot dh_clean -k dh_installdirs $(MAKE) update BASEDIR=`pwd`/debian/tmp mv debian/tmp/sbin/arp debian/tmp/usr/sbin/arp # we don't want man pages for domainname and friends... (yet) rm -rf debian/tmp/usr/share/man/*/man1/ debian/tmp/usr/share/man/man1/ # we don't install local manpages until policy is clear rm -rf debian/tmp/usr/share/man/*_*/ # Build architecture-independent files here. binary-indep: build install # We have nothing to do by default. # Build architecture-dependent files here. binary-arch: build install # dh_testversion dh_testdir dh_testroot # dh_installdebconf dh_installdocs dh_installexamples dh_installmenu dh_installcron # dh_installmanpages dh_installinfo # dh_undocumented dh_installchangelogs dh_link dh_strip dh_compress dh_fixperms # dh_makeshlibs dh_installdeb dh_shlibdeps dh_gencontrol -- -isp dh_md5sums dh_builddeb binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install patch clean-patched unpatch
net-tools (1.60-18) unstable; urgency=medium * netstat.c: fixed invisible PID/program on long-running kernels -- Antonio Galea <[EMAIL PROTECTED]> Fri, 30 Dec 2005 16:24:08 +0100 net-tools (1.60-17) unstable; urgency=medium * arp.c: bus error on sparc64 with latest gcc fixed. (Closes: Bug#340384) -- Bernd Eckenfels <[EMAIL PROTECTED]> Sun, 04 Dec 2005 05:47:05 +0100 net-tools (1.60-16) unstable; urgency=low * spelling fix to slattach(8) (Closes: Bug#326124 (patch by A.Costa) * inet.c: portability fix for 64bit. * comment cleanups to aliagn with 1.65 cvs * net-support.h, inet_sr.c, nstrcmp.c, arp.c, ether.h -- Bernd Eckenfels <[EMAIL PROTECTED]> Mon, 24 Oct 2005 22:05:38 +0200 net-tools (1.60-15) unstable; urgency=low * minor formating fix to ifconfig(8) -- Bernd Eckenfels <[EMAIL PROTECTED]> Thu, 30 Jun 2005 21:49:52 +0200 net-tools (1.60-14) unstable; urgency=low * added iptables(8) in ifconfig(8) (thanks Toralf Förster) * more usage updates in ifconfig.8 (used upstream HEAD=1.11) -- Bernd Eckenfels <[EMAIL PROTECTED]> Thu, 30 Jun 2005 20:51:18 +0200 net-tools (1.60-13) unstable; urgency=low * X25 code compiles with 2.4 and 2.6 kernel headers (Closes: Bug#271678) * IMPORTANT: make ifconfig show alias interfaces in 2.6 again. * resort media type array to match kernel (Closes: Bug#199920) -- Bernd Eckenfels <[EMAIL PROTECTED]> Tue, 17 May 2005 01:28:51 +0200 net-tools (1.60-12) unstable; urgency=low * make TR hw address type work for new kernel (Closes: Bug #79462, #203400) * update-po uses msgmerge, new net-tools.pot (Closes: Bug: 271426) * de-support dontpub option in arp -? und arp.8 (Closes: Bug #203396) -- Bernd Eckenfels <[EMAIL PROTECTED]> Mon, 16 May 2005 06:33:48 +0200 net-tools (1.60-11) unstable; urgency=low * spelling fixes (Closes: Bug #305640, #305638, 305637) * nameif.c avoid overflow by malicious kernel * avoid overflow of the TX-OK Column (Closes: Bug #308922) -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 14 May 2005 01:48:45 +0200 net-tools (1.60-10) unstable; urgency=low * typo fix in po/de.po for german arp command output (Closes: Bug #176151) * added diagnostics messages to mii-tool.8 (Closes: Bug #239229) * new version of nstrcmp (Closes: Bug #226503) * enable EUI64 support * stadanrds version 3.6.1 (no changes) -- Bernd Eckenfels <[EMAIL PROTECTED]> Fri, 23 Apr 2004 00:57:20 +0200 net-tools (1.60-9) unstable; urgency=medium * debian/changelog: fixed in last entry fixed bug from 197925 to 197924 * include linux/sockios.h for SIOCGMIIPHY definition (new style) which will fix MII reporting on 2.4 kernels. (Closes: Bug #133648) NOTE: this will now require root to work, it will also not work on older kernels. * Rene Engelhard's patch to make AF X25 compile with 2.6 headers (Closes: Bug #223091) -- Bernd Eckenfels <[EMAIL PROTECTED]> Mon, 29 Dec 2003 13:42:20 +0100 net-tools (1.60-8) unstable; urgency=medium * lib/interface.c: backed off change which skipped reading ioctl interfacelist, if _proc interfacelist was ok, which does not work, because alias interfaces are only in ioctl list available. It is also falling back to the original lib/nstrcml.c because the comparision if : is present does not work. (Closes: bug #197924, #197582, #197269) * bumped standards version (no changes) -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 28 Jun 2003 02:56:38 +0200 net-tools (1.60-7) unstable; urgency=low * interfaces.c: cvs version fixes Connectiva Bug #5711 (Closes: #149576) from Eduardo Pereira Habkost * netstat.c: cvs version adds support for tcp6,udp6,icmp6 protocols * netstat.c: cvs version adds support for -4 or -6 cmd line shortcut * netstat.c: cvs version adds fix for inode signedness (Closes: #134600, #78932) * ifconfig: removed -i from usage (Closes: #181528) * make gcc 3.3 happy: added ull unsigned long long prefix to constant * lib/ddp_gr.c+pathnames.h: first support for appletalk routing from cvs * lib/eui64.c+hw.c+Makefile: forst support for new hw type from cvs * lib/interface.c: cvs fix for column run-into (Closes: #161080) * lib/irda.c,lib/ipx.c: cvs update * lib/nstrcmp.c: new, faster version, fixes b-lookups for ifconfig * hostanme.c: gcc 3.3 fix from cvs (not compiled in net-tools.deb) * lib/interface: fixed memory globbering (Closes: #135744, #149579, #185187) -- Bernd Eckenfels <[EMAIL PROTECTED]> Thu, 12 Jun 2003 05:44:38 +0200 net-tools (1.60-6) unstable; urgency=low * took route.c from upstream cvs: allow -6 and -4 option * took statistics.c from upstream cvs: more complete netstat -S * took README from upstream cvs: fix COPYING file title and removed the line (Closes: #102139) * took arp.c from upstream: fixed name "PUB", better not found handling, implicite proxy arp mac changed from '*' to '<from_interface>', usage line made shorter * added mii-tool in control file (Closes: #172473) * fixed description of binary multiple in man page (Closes: #182487) * fixed interpunctation in netstat(8) (Closes: #191660) * fixed compile warning in inet_sr.c by removing empty default: label in switch -- Bernd Eckenfels <[EMAIL PROTECTED]> Wed, 28 May 2003 22:35:12 +0200 net-tools (1.60-5) unstable; urgency=low * thanks Andrew for the 4.1 NMU * NMU: Apply nameif patch from Matt Domsch. (Closes: #178209) * Fix FTB bug (string concatenation in gcc 3.3) (Closes: #194995) * Fix segfault in mii-tool by using cvs version (Closes: #139027) * fixed plural of authors to make lintian happy (I JOIN YOU :) -- Bernd Eckenfels <[EMAIL PROTECTED]> Wed, 28 May 2003 22:04:14 +0200 net-tools (1.60-4.1) unstable; urgency=low * NMU * Apply nameif patch from Matt Domsch. (Closes: #178209) -- Andrew Suffield <[EMAIL PROTECTED]> Wed, 9 Apr 2003 21:44:09 +0100 net-tools (1.60-4) unstable; urgency=medium * fixed (upstream) spurious newline in ifconfig Thanks Jonathen, Closes: Bug #109379 * fixed SI-Units printout in ifconfig (Closes: Bug #110629, #97029, #100167) * this is done by including lib/interfaces.c from upstream cvs * also added ifconfig man page from upstream cvs * fixed (upstream) man page about netstat's --interface opt. (Closes: Bug#120475) -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 24 Nov 2001 06:26:37 +0100 net-tools (1.60-3) unstable; urgency=medium * fixed upstream error where counters in ifconfig/netstat -i are 0 -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 10 Nov 2001 18:12:13 +0100 net-tools (1.60-2) unstable; urgency=low * Fixed the following bug: (Closes: #117837) * inserted ifconfig.c from upstream cvs to do this * bumped debian Standard 3.1.1 -> 3.5.6 and removed -g from linking -- Bernd Eckenfels <[EMAIL PROTECTED]> Thu, 1 Nov 2001 02:51:33 +0100 net-tools (1.60-1) unstable; urgency=low * New upstream * Phil fixed the following Bugs upstream: (Closes: #91919, #93048, #90282) -- Bernd Eckenfels <[EMAIL PROTECTED]> Mon, 16 Apr 2001 02:28:12 +0200 net-tools (1.59-1) unstable; urgency=low * added Build Dependencies (closes bug: #89083) * new upstream version * removed dh_suidregister and a few comments from rules file -- Bernd Eckenfels <[EMAIL PROTECTED]> Sun, 18 Mar 2001 03:00:33 +0100 net-tools (1.58-2) unstable; urgency=low * backported ifconfig change from 1.59 to avoid closing socket too early on some systems (depending on the protocols installed). Closes Bug: #85688, #85743 -- Bernd Eckenfels <[EMAIL PROTECTED]> Tue, 13 Feb 2001 01:39:59 +0100 net-tools (1.58-1) unstable; urgency=low * new upstream version * removed local man pages for now (Closes: bug #83894) * install nameif in /sbin -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 10 Feb 2001 21:50:30 +0100 net-tools (1.57-2) unstable; urgency=high * rebuild, this is believed to closes: #75825 -- Bernd Eckenfels <[EMAIL PROTECTED]> Sat, 30 Dec 2000 22:43:01 +0100 net-tools (1.57-1) unstable; urgency=low * new debian maintainer (thanks Anthony for the Work!) * new upstream version -- Bernd Eckenfels <[EMAIL PROTECTED]> Mon, 14 Aug 2000 02:40:13 +0200 net-tools (1.54-3) unstable; urgency=low * Argggh. Don't use that horrible dh_installmanpages hack. (Closes: Bug#68925, Bug#68879) -- Anthony Towns <[EMAIL PROTECTED]> Sun, 13 Aug 2000 00:12:05 +1000 net-tools (1.54-2) unstable; urgency=low * Reapply slattach patch from netbase 3.16-3. -- Anthony Towns <[EMAIL PROTECTED]> Thu, 10 Aug 2000 11:32:58 +1000 net-tools (1.54-1) unstable; urgency=low * Split from netbase. -- Anthony Towns <[EMAIL PROTECTED]> Mon, 17 Jul 2000 07:34:12 +1000 Local variables: mode: debian-changelog End: