Browse Source

Import upstream version 4.3.2

Fred Klassen 5 years ago
parent
commit
52d88b3a12

+ 10 - 10
configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for tcpreplay 4.3.1.
+# Generated by GNU Autoconf 2.69 for tcpreplay 4.3.2.
 #
 # Report bugs to <https://github.com/appneta/tcpreplay/issues>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='tcpreplay'
 PACKAGE_TARNAME='tcpreplay'
-PACKAGE_VERSION='4.3.1'
-PACKAGE_STRING='tcpreplay 4.3.1'
+PACKAGE_VERSION='4.3.2'
+PACKAGE_STRING='tcpreplay 4.3.2'
 PACKAGE_BUGREPORT='https://github.com/appneta/tcpreplay/issues'
 PACKAGE_URL='http://tcpreplay.sourceforge.net/'
 
@@ -1443,7 +1443,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures tcpreplay 4.3.1 to adapt to many kinds of systems.
+\`configure' configures tcpreplay 4.3.2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1515,7 +1515,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of tcpreplay 4.3.1:";;
+     short | recursive ) echo "Configuration of tcpreplay 4.3.2:";;
    esac
   cat <<\_ACEOF
 
@@ -1689,7 +1689,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-tcpreplay configure 4.3.1
+tcpreplay configure 4.3.2
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2649,7 +2649,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by tcpreplay $as_me 4.3.1, which was
+It was created by tcpreplay $as_me 4.3.2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3790,7 +3790,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='tcpreplay'
- VERSION='4.3.1'
+ VERSION='4.3.2'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -26270,7 +26270,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by tcpreplay $as_me 4.3.1, which was
+This file was extended by tcpreplay $as_me 4.3.2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -26337,7 +26337,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-tcpreplay config.status 4.3.1
+tcpreplay config.status 4.3.2
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

+ 1 - 1
configure.ac

@@ -4,7 +4,7 @@ dnl $Id$
 AC_PREREQ([2.69])
 
 dnl Set version info here!
-AC_INIT([tcpreplay],[4.3.1],
+AC_INIT([tcpreplay],[4.3.2],
     [https://github.com/appneta/tcpreplay/issues],
     [tcpreplay],
     [http://tcpreplay.sourceforge.net/])

+ 6 - 0
docs/CHANGELOG

@@ -1,3 +1,9 @@
+03/12/2019 Version 4.3.2
+    - CVE-2019-8381 memory access in do_checksum() (#538)
+    - CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
+    - CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
+    - Rename Ethereal to Wireshark (#545)
+
 12/27/2018 Version 4.3.1
     - Fix checkspell detected typos (#531)
     - Heap overflow packet2tree and get_l2len (#530)

+ 6 - 5
docs/CREDIT

@@ -1,11 +1,11 @@
-$Id$ 
+$Id$
 
 tcpreplay and it's associated utilities (tcpprep, tcprewrite and flowreplay)
-were designed and written by Aaron Turner, and maintained and updated by 
+were designed and written by Aaron Turner, and maintained and updated by
 Fred Klassen of AppNeta
 
 This product includes software developed by the University of California,
-Berkeley, Lawrence Berkeley Laboratory and its contributors. 
+Berkeley, Lawrence Berkeley Laboratory and its contributors.
 
 The following is a list of people in no particular order who have kindly
 submitted patches or code snippets for me to use in tcpreplay.
@@ -19,7 +19,7 @@ Branden Moore <bmoore-at-cse.nd.edu>
 
 Scott Mace <smace@intt.org>
    - Patch for tcpreplay to support CIDR mode
-   - Patch for ignoring martian IP packets 
+   - Patch for ignoring martian IP packets
 
 Jeffrey Guttenfelder <guttenfelder@sourceforge.net>
    - Code for pausing/restarting tcpreplay via signals.
@@ -59,7 +59,7 @@ Stas Grabois <sagig@radware.com>
     - For his efforts to add IPv6 support to tcpprep and the tcpedit engine
     - For adding IPv6 support to fragroute
 
-Fred Klassen <tcpreplay@appneta.com> - AppNeta 
+Fred Klassen <tcpreplay@appneta.com> - AppNeta
     - New maintainer of Tcpreplay
     - Added netmap support for wire-rate performance on commodity hardware
     - Improve accuracy and performance of the --mbps option
@@ -79,6 +79,7 @@ Pedro Arthur Duarte [aka JEdi] <GitHub @pedroarthur>
 Gabriel Ganne <GitHub @GabrielGanne>
     - Data fuzz rewrite feature
     - Out-of-tree build
+    - General bug fixes
 
 Mario D Santana <GitHUB @@mariodsantana>
     - TCP seq/ack edit

+ 4 - 0
src/common/get.c

@@ -407,6 +407,8 @@ get_layer4_v6(const ipv6_hdr_t *ip6_hdr, const int len)
             dbgx(3, "Going deeper due to extension header 0x%02X", proto);
             maxlen = len - (int)((u_char *)ip6_hdr - (u_char *)next);
             exthdr = get_ipv6_next(next, maxlen);
+            if (exthdr == NULL)
+                return next;
             proto = exthdr->ip_nh;
             next = exthdr;
             break;
@@ -536,6 +538,8 @@ get_ipv6_l4proto(const ipv6_hdr_t *ip6_hdr, int len)
             case TCPR_IPV6_NH_HBH:
                 dbgx(3, "Jumping to next extension header (0x%hhx)", proto);
                 exthdr = get_ipv6_next((struct tcpr_ipv6_ext_hdr_base *)ptr, len);
+                if (exthdr == NULL)
+                    return proto;
                 proto = exthdr->ip_nh;
                 ptr = (u_char *)exthdr;
                 break;

+ 1 - 1
src/common/git_version.c

@@ -1,4 +1,4 @@
-const char GIT_Version[] = "git:v4.3.1";
+const char GIT_Version[] = "git:v4.3.2";
 const char *git_version(void) {
     return GIT_Version;
 }

+ 1 - 1
src/tcpbridge.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpbridge 1 "27 Dec 2018" "tcpbridge" "User Commands"
+.TH tcpbridge 1 "12 Mar 2019" "tcpbridge" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 1 - 1
src/tcpcapinfo.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpcapinfo 1 "27 Dec 2018" "Tcpreplay Suite" "User Commands"
+.TH tcpcapinfo 1 "12 Mar 2019" "Tcpreplay Suite" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 17 - 10
src/tcpedit/checksum.c

@@ -4,9 +4,9 @@
  *   Copyright (c) 2001-2010 Aaron Turner <aturner at synfin dot net>
  *   Copyright (c) 2013-2018 Fred Klassen <tcpreplay at appneta dot com> - AppNeta
  *
- *   The Tcpreplay Suite of tools is free software: you can redistribute it 
- *   and/or modify it under the terms of the GNU General Public License as 
- *   published by the Free Software Foundation, either version 3 of the 
+ *   The Tcpreplay Suite of tools is free software: you can redistribute it
+ *   and/or modify it under the terms of the GNU General Public License as
+ *   published by the Free Software Foundation, either version 3 of the
  *   License, or with the authors permission any later version.
  *
  *   The Tcpreplay Suite is distributed in the hope that it will be useful,
@@ -19,10 +19,10 @@
  */
 
 /*
- * This code is heavily based on (some might even say stolen from) Mike Shiffman's 
+ * This code is heavily based on (some might even say stolen from) Mike Shiffman's
  * checksumming code from Libnet 1.1.3
  */
- 
+
 #include "config.h"
 #include "tcpedit.h"
 #include "checksum.h"
@@ -41,6 +41,7 @@ do_checksum(tcpedit_t *tcpedit, uint8_t *data, int proto, int len) {
     udp_hdr_t *udp;
     icmpv4_hdr_t *icmp;
     icmpv6_hdr_t *icmp6;
+    u_char *layer;
     int ip_hl;
     int sum;
 
@@ -62,7 +63,13 @@ do_checksum(tcpedit_t *tcpedit, uint8_t *data, int proto, int len) {
         proto = get_ipv6_l4proto(ipv6, len);
         dbgx(3, "layer4 proto is 0x%hx", (uint16_t)proto);
 
-        ip_hl = (u_char*)get_layer4_v6(ipv6, len) - (u_char*)data;
+        layer = (u_char*)get_layer4_v6(ipv6, len);
+        if (!layer) {
+            tcpedit_setwarn(tcpedit, "%s", "Packet to short for checksum");
+            return TCPEDIT_WARN;
+        }
+
+        ip_hl = layer - (u_char*)data;
         dbgx(3, "ip_hl proto is 0x%d", ip_hl);
 
         len -= (ip_hl - TCPR_IPV6_H);
@@ -96,8 +103,8 @@ do_checksum(tcpedit_t *tcpedit, uint8_t *data, int proto, int len) {
         case IPPROTO_UDP:
             udp = (udp_hdr_t *)(data + ip_hl);
             /* No need to recalculate UDP checksums if already 0 */
-            if (udp->uh_sum == 0) 
-                break; 
+            if (udp->uh_sum == 0)
+                break;
             udp->uh_sum = 0;
             if (ipv6 != NULL) {
                 sum = do_checksum_math((uint16_t *)&ipv6->ip_src, 32);
@@ -114,7 +121,7 @@ do_checksum(tcpedit_t *tcpedit, uint8_t *data, int proto, int len) {
             icmp->icmp_sum = 0;
             if (ipv6 != NULL) {
                 sum = do_checksum_math((uint16_t *)&ipv6->ip_src, 32);
-                icmp->icmp_sum = CHECKSUM_CARRY(sum);                
+                icmp->icmp_sum = CHECKSUM_CARRY(sum);
             }
             sum += do_checksum_math((uint16_t *)icmp, len);
             icmp->icmp_sum = CHECKSUM_CARRY(sum);
@@ -145,7 +152,7 @@ do_checksum(tcpedit_t *tcpedit, uint8_t *data, int proto, int len) {
         case IPPROTO_OSPF:
         case IPPROTO_OSPF_LSA:
         case IPPROTO_VRRP:
-        case TCPR_PROTO_CDP: 
+        case TCPR_PROTO_CDP:
         case TCPR_PROTO_ISL:
         default:
             tcpedit_setwarn(tcpedit, "Unsupported protocol for checksum: 0x%x", proto);

+ 1 - 1
src/tcpliveplay.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpliveplay 1 "27 Dec 2018" "tcpliveplay" "User Commands"
+.TH tcpliveplay 1 "12 Mar 2019" "tcpliveplay" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 1 - 1
src/tcpprep.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpprep 1 "27 Dec 2018" "tcpprep" "User Commands"
+.TH tcpprep 1 "12 Mar 2019" "tcpprep" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 1 - 1
src/tcpreplay-edit.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpreplay-edit 1 "27 Dec 2018" "tcpreplay" "User Commands"
+.TH tcpreplay-edit 1 "12 Mar 2019" "tcpreplay" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 1 - 1
src/tcpreplay.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcpreplay 1 "27 Dec 2018" "tcpreplay" "User Commands"
+.TH tcpreplay 1 "12 Mar 2019" "tcpreplay" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"

+ 2 - 2
src/tcprewrite.1

@@ -10,7 +10,7 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH tcprewrite 1 "27 Dec 2018" "tcprewrite" "User Commands"
+.TH tcprewrite 1 "12 Mar 2019" "tcprewrite" "User Commands"
 .\"
 .\" DO NOT EDIT THIS FILE (in-mem file)
 .\"
@@ -35,7 +35,7 @@ All arguments must be options.
 
 .SH "DESCRIPTION"
 Tcprewrite is a tool to rewrite packets stored in \fIpcap(3)\fP file format,
-such as created by tools such as \fItcpdump(1)\fP and \fIethereal(1)\fP.
+such as created by tools such as \fItcpdump(1)\fP and \fIwireshark(1)\fP.
 Once a pcap file has had it's packets rewritten, they can be replayed back
 out on the network using \fItcpreplay(1)\fP.
 .sp

+ 3 - 3
src/tcprewrite_opts.c

@@ -74,7 +74,7 @@ extern tcprewrite_opt_t options;
 /**
  *  static const strings for tcprewrite options
  */
-static char const tcprewrite_opt_strs[4911] =
+static char const tcprewrite_opt_strs[4912] =
 /*     0 */ "tcprewrite (tcprewrite)\n"
             "Copyright (C) 2000-2018 Aaron Turner and Fred Klassen, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
@@ -242,7 +242,7 @@ static char const tcprewrite_opt_strs[4911] =
 /*  3876 */ ".tcprewriterc\0"
 /*  3890 */ "tcpreplay-users@lists.sourceforge.net\0"
 /*  3928 */ "Tcprewrite is a tool to rewrite packets stored in 'pcap(3)' file format,\n"
-            "such as created by tools such as 'tcpdump(1)' and 'ethereal(1)'.  Once a\n"
+            "such as created by tools such as 'tcpdump(1)' and 'wireshark(1)'.  Once a\n"
             "pcap file has had it's packets rewritten, they can be replayed back out on\n"
             "the network using 'tcpreplay(1)'.\n\n"
             "tcprewrite currently supports reading the following DLT types:\n\n\n"
@@ -2595,7 +2595,7 @@ Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
 
   /* referenced via tcprewriteOptions.pzDetail */
   puts(_("Tcprewrite is a tool to rewrite packets stored in 'pcap(3)' file format,\n\
-such as created by tools such as 'tcpdump(1)' and 'ethereal(1)'.  Once a\n\
+such as created by tools such as 'tcpdump(1)' and 'wireshark(1)'.  Once a\n\
 pcap file has had it's packets rewritten, they can be replayed back out on\n\
 the network using 'tcpreplay(1)'.\n\n"));
   puts(_("tcprewrite currently supports reading the following DLT types:\n\n\n"));

+ 1 - 1
src/tcprewrite_opts.def

@@ -51,7 +51,7 @@ config-header   = "config.h";
 
 detail = <<- EOText
 Tcprewrite is a tool to rewrite packets stored in @file{pcap(3)} file format,
-such as created by tools such as @file{tcpdump(1)} and @file{ethereal(1)}.
+such as created by tools such as @file{tcpdump(1)} and @file{wireshark(1)}.
 Once a pcap file has had it's packets rewritten, they can be replayed back
 out on the network using @file{tcpreplay(1)}.