Browse Source

Refresh patch queue

Christoph Biedl 4 years ago
parent
commit
cd48ef20c7

+ 0 - 32
debian/patches/cherry-pick.v4.3.1-12-gdae97cba.bugs-538-add-check-for-packet-length-in-do-checksum.patch

@@ -1,32 +0,0 @@
-Subject: Bugs #538 add check for packet length in do_checksum()
-ID: CVE-2019-8381
-Origin: v4.3.1-12-gdae97cba <https://github.com/appneta/tcpreplay/commit/v4.3.1-12-gdae97cba>
-Upstream-Author: Fred Klassen <fklassen@appneta.com>
-Date: Tue Mar 12 13:29:10 2019 -0700
-Bug-Debian: https://bugs.debian.org/922622
-
---- a/src/tcpedit/checksum.c
-+++ b/src/tcpedit/checksum.c
-@@ -41,6 +41,7 @@
-     udp_hdr_t *udp;
-     icmpv4_hdr_t *icmp;
-     icmpv6_hdr_t *icmp6;
-+    u_char *layer;
-     int ip_hl;
-     int sum;
- 
-@@ -62,7 +63,13 @@
-         proto = get_ipv6_l4proto(ipv6, len);
-         dbgx(3, "layer4 proto is 0x%hx", (uint16_t)proto);
- 
--        ip_hl = (u_char*)get_layer4_v6(ipv6, len) - (u_char*)data;
-+        layer = (u_char*)get_layer4_v6(ipv6, len);
-+        if (!layer) {
-+            tcpedit_setwarn(tcpedit, "%s", "Packet to short for checksum");
-+            return TCPEDIT_WARN;
-+        }
-+
-+        ip_hl = layer - (u_char*)data;
-         dbgx(3, "ip_hl proto is 0x%d", ip_hl);
- 
-         len -= (ip_hl - TCPR_IPV6_H);

+ 0 - 23
debian/patches/cherry-pick.v4.3.1-2-gecee2ace.fix-null-pointer-dereference-get-ipv6-l4proto.patch

@@ -1,23 +0,0 @@
-Subject: Fix NULL pointer dereference get_ipv6_l4proto()
-ID: CVE-2019-8376
-Origin: v4.3.1-2-gecee2ace <https://github.com/appneta/tcpreplay/commit/v4.3.1-2-gecee2ace>
-Upstream-Author: Gabriel Ganne <gabriel.ganne@mindmaze.ch>
-Date: Wed Mar 6 14:31:08 2019 +0100
-Bug-Debian: https://bugs.debian.org/922624
-
-    get_ipv6_next() returns NULL on malformed packets. If that happens
-    return the last proto that could be read.
-
-    This should fix issue #537
-
---- a/src/common/get.c
-+++ b/src/common/get.c
-@@ -536,6 +536,8 @@
-             case TCPR_IPV6_NH_HBH:
-                 dbgx(3, "Jumping to next extension header (0x%hhx)", proto);
-                 exthdr = get_ipv6_next((struct tcpr_ipv6_ext_hdr_base *)ptr, len);
-+                if (exthdr == NULL)
-+                    return proto;
-                 proto = exthdr->ip_nh;
-                 ptr = (u_char *)exthdr;
-                 break;

+ 0 - 23
debian/patches/cherry-pick.v4.3.1-3-g5d6f191d.fix-null-pointer-dereference-in-get-layer4-v6.patch

@@ -1,23 +0,0 @@
-Subject: Fix NULL pointer dereference in get_layer4_v6()
-ID: CVE-2019-8377
-Origin: v4.3.1-3-g5d6f191d <https://github.com/appneta/tcpreplay/commit/v4.3.1-3-g5d6f191d>
-Upstream-Author: Gabriel Ganne <gabriel.ganne@mindmaze.ch>
-Date: Wed Mar 6 14:15:56 2019 +0100
-Bug-Debian: https://bugs.debian.org/922623
-
-    get_ipv6_next() returns NULL on malformed packets. If that happens
-    return the last header that could be read.
-
-    This should fix issue #536
-
---- a/src/common/get.c
-+++ b/src/common/get.c
-@@ -407,6 +407,8 @@
-             dbgx(3, "Going deeper due to extension header 0x%02X", proto);
-             maxlen = len - (int)((u_char *)ip6_hdr - (u_char *)next);
-             exthdr = get_ipv6_next(next, maxlen);
-+            if (exthdr == NULL)
-+                return next;
-             proto = exthdr->ip_nh;
-             next = exthdr;
-             break;

debian/patches/disable-tcpreplay-test.patch → debian/patches/debian.disable-tcpreplay-test.patch


+ 6 - 6
debian/patches/series

@@ -1,7 +1,7 @@
-# cherry-picked commits. Keep in upstream's chronological order.
-cherry-pick.v4.3.1-2-gecee2ace.fix-null-pointer-dereference-get-ipv6-l4proto.patch
-cherry-pick.v4.3.1-3-g5d6f191d.fix-null-pointer-dereference-in-get-layer4-v6.patch
-cherry-pick.v4.3.1-12-gdae97cba.bugs-538-add-check-for-packet-length-in-do-checksum.patch
+# cherry-picked commits. Keep in upstream's chronological order
 
-disable-tcpreplay-test.patch
-catch-caplen-exceed.patch
+# patches that should go upstream
+upstream.catch-caplen-exceed.patch
+
+# modifications for Debian
+debian.disable-tcpreplay-test.patch

debian/patches/catch-caplen-exceed.patch → debian/patches/upstream.catch-caplen-exceed.patch