|
@@ -0,0 +1,36 @@
|
|
|
|
+Description: Fix time_t expansion on big-endian archs where sizeof(time_t) > 4
|
|
|
|
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
|
|
|
|
+Bug: https://bitbucket.org/ripencc/bgpdump/issues/38/
|
|
|
|
+Bug-Debian: https://bugs.debian.org/832468
|
|
|
|
+Last-Update: 2016-08-04
|
|
|
|
+
|
|
|
|
+ On these archs the present code places the time_t data in the wrong
|
|
|
|
+ 32 bits of time_t. Additionally, broken libc implementations do not
|
|
|
|
+ mask the result of ntohl to the size of 32 bit, resulting in a huge
|
|
|
|
+ time_t value that gmtime cannot handle, which eventually leads to a
|
|
|
|
+ segfault.
|
|
|
|
+
|
|
|
|
+--- a/bgpdump_lib.c
|
|
|
|
++++ b/bgpdump_lib.c
|
|
|
|
+@@ -138,10 +138,11 @@
|
|
|
|
+ u_char *buffer;
|
|
|
|
+ int ok=0;
|
|
|
|
+ u_int32_t bytes_read;
|
|
|
|
++ u_int32_t t;
|
|
|
|
+
|
|
|
|
+ this_entry = malloc_check(sizeof(BGPDUMP_ENTRY));
|
|
|
|
+
|
|
|
|
+- bytes_read = cfr_read_n(dump->f, &(this_entry->time), 4);
|
|
|
|
++ bytes_read = cfr_read_n(dump->f, &t, 4);
|
|
|
|
+ bytes_read += cfr_read_n(dump->f, &(this_entry->type), 2);
|
|
|
|
+ bytes_read += cfr_read_n(dump->f, &(this_entry->subtype), 2);
|
|
|
|
+ bytes_read += cfr_read_n(dump->f, &(this_entry->length), 4);
|
|
|
|
+@@ -150,7 +151,7 @@
|
|
|
|
+ /* Intel byte ordering stuff ... */
|
|
|
|
+ this_entry->type = ntohs(this_entry->type);
|
|
|
|
+ this_entry->subtype = ntohs(this_entry->subtype);
|
|
|
|
+- this_entry->time = ntohl(this_entry->time);
|
|
|
|
++ this_entry->time = (time_t) ntohl (t);
|
|
|
|
+ this_entry->length = ntohl(this_entry->length);
|
|
|
|
+
|
|
|
|
+ /* If Extended Header format, then reading the miscroseconds attribute */
|