Commit d7f68bf5 authored by Timo Teräs's avatar Timo Teräs

main/ulogd: fix fortify found memcpy misuse causing crash

fixes #5261
parent 2f54ab15
...@@ -2,19 +2,20 @@ ...@@ -2,19 +2,20 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=ulogd pkgname=ulogd
pkgver=2.0.5 pkgver=2.0.5
pkgrel=1 pkgrel=2
pkgdesc="A userspace logging daemon for netfilter/iptables related logging" pkgdesc="A userspace logging daemon for netfilter/iptables related logging"
url="http://netfilter.org/projects/ulogd/index.html" url="http://netfilter.org/projects/ulogd/index.html"
arch="all" arch="all"
license="GPL2" license="GPL2"
depends="" depends=""
makedepends="libmnl-dev libpcap-dev libnetfilter_acct-dev makedepends="libmnl-dev libpcap-dev libnetfilter_acct-dev bsd-compat-headers
libnfnetlink-dev libnetfilter_conntrack-dev libnetfilter_log-dev libnfnetlink-dev libnetfilter_conntrack-dev libnetfilter_log-dev
pkgconfig mariadb-dev openssl-dev postgresql-dev zlib-dev linux-headers pkgconfig mariadb-dev openssl-dev postgresql-dev zlib-dev linux-headers
autoconf automake libtool" autoconf automake libtool"
subpackages="$pkgname-mysql $pkgname-pgsql $pkgname-doc" subpackages="$pkgname-mysql $pkgname-pgsql $pkgname-doc"
source="http://www.netfilter.org/projects/$pkgname/files/$pkgname-$pkgver.tar.bz2 source="http://www.netfilter.org/projects/$pkgname/files/$pkgname-$pkgver.tar.bz2
musl-fixes.patch musl-fixes.patch
fix-pluginit.patch
ulogd.initd ulogd.initd
ulogd.confd ulogd.confd
ulogd.logrotate ulogd.logrotate
...@@ -79,16 +80,19 @@ pgsql() { ...@@ -79,16 +80,19 @@ pgsql() {
md5sums="f0f8fe1371fa28b5e06cb16aaa0111dd ulogd-2.0.5.tar.bz2 md5sums="f0f8fe1371fa28b5e06cb16aaa0111dd ulogd-2.0.5.tar.bz2
5f83766c1255bf75ab65d43bfb320820 musl-fixes.patch 5f83766c1255bf75ab65d43bfb320820 musl-fixes.patch
9380d082a4606f06e6d384eb9031eb31 fix-pluginit.patch
80a99785fb7953d2a21a6feb906ffcc1 ulogd.initd 80a99785fb7953d2a21a6feb906ffcc1 ulogd.initd
b9b2fa217ee02211debee5a5dffdcda7 ulogd.confd b9b2fa217ee02211debee5a5dffdcda7 ulogd.confd
77688e9c300750f5423ed2ad37ae8b32 ulogd.logrotate" 77688e9c300750f5423ed2ad37ae8b32 ulogd.logrotate"
sha256sums="a221cb9f77347c0ca00d0937e27c1b90e3291a553cc62a4139b788e2e420e8c0 ulogd-2.0.5.tar.bz2 sha256sums="a221cb9f77347c0ca00d0937e27c1b90e3291a553cc62a4139b788e2e420e8c0 ulogd-2.0.5.tar.bz2
a5e1f9bf792227e657fc8af619af6e736712bb5b1e81faa16ea55c447482d547 musl-fixes.patch a5e1f9bf792227e657fc8af619af6e736712bb5b1e81faa16ea55c447482d547 musl-fixes.patch
d186c22fcdd5faa4d58f406567047e4dd1a3126e16f7a6e6a57b01732e43da7d fix-pluginit.patch
4be34ad9caffb96524c1614cd03dbd230160646e55eda9e538f3e9c91150b687 ulogd.initd 4be34ad9caffb96524c1614cd03dbd230160646e55eda9e538f3e9c91150b687 ulogd.initd
78cfce3aceba3f29e08f37b2f29784aedde1266d3b7dfdbe2426d2ed258e9c18 ulogd.confd 78cfce3aceba3f29e08f37b2f29784aedde1266d3b7dfdbe2426d2ed258e9c18 ulogd.confd
1acb7dad5182a9b9f9df88ef15ca31076fdba3ba6a63a5faad0edc96e3204ca9 ulogd.logrotate" 1acb7dad5182a9b9f9df88ef15ca31076fdba3ba6a63a5faad0edc96e3204ca9 ulogd.logrotate"
sha512sums="bf00b8adaad7bd04077a83521b0d7accc26e644c8f3386819e7f91476178b6733f1c6554fb82dd0d3913398c83a61d65f61dc973f199f610bfaadc6251504819 ulogd-2.0.5.tar.bz2 sha512sums="bf00b8adaad7bd04077a83521b0d7accc26e644c8f3386819e7f91476178b6733f1c6554fb82dd0d3913398c83a61d65f61dc973f199f610bfaadc6251504819 ulogd-2.0.5.tar.bz2
e512b1e1e6f00cc8d0c4e3eee7c87ba854d668e40d77e82aabfacdc79425b2101f8ec77f8f4fdf19b6f95e2a4595fd5d53560647cad45ab498a359cec92f57fd musl-fixes.patch e512b1e1e6f00cc8d0c4e3eee7c87ba854d668e40d77e82aabfacdc79425b2101f8ec77f8f4fdf19b6f95e2a4595fd5d53560647cad45ab498a359cec92f57fd musl-fixes.patch
5e98a45dac0d13520d16c6b45560dfed398bdac78f5328a40566088493a90793ccd01c0ac576bed4d0b97fdb49df19191bde83f631323c387bf1ed77dcbfa57c fix-pluginit.patch
838da2132aefd20c2597d2a5163b788355a3d250328fceadc96142f43096b998402bcfcbae133272f89a838c1be56fff4c9004b2d8f8d6b1910b38dd4fb8f6a8 ulogd.initd 838da2132aefd20c2597d2a5163b788355a3d250328fceadc96142f43096b998402bcfcbae133272f89a838c1be56fff4c9004b2d8f8d6b1910b38dd4fb8f6a8 ulogd.initd
bdae1ff90c671b6847dfda1947a33e24bfbe16ad963f85769d923ba33021bc4ca315fd410b46fac102f0a24e879e4be4ad7bb5978c5a6755e74e6b5d7c3e18ee ulogd.confd bdae1ff90c671b6847dfda1947a33e24bfbe16ad963f85769d923ba33021bc4ca315fd410b46fac102f0a24e879e4be4ad7bb5978c5a6755e74e6b5d7c3e18ee ulogd.confd
2ded9734ca903147ae2fc15af47d3f03ecc44f1f9b284d3c30d013a762d0cebf22e14ed3f5e7be8ee2d3d508c7b7afcdbc3819d4930c264416ed1fa463e03e6d ulogd.logrotate" 2ded9734ca903147ae2fc15af47d3f03ecc44f1f9b284d3c30d013a762d0cebf22e14ed3f5e7be8ee2d3d508c7b7afcdbc3819d4930c264416ed1fa463e03e6d ulogd.logrotate"
diff -ru ulogd-2.0.5.orig/src/ulogd.c ulogd-2.0.5/src/ulogd.c
--- ulogd-2.0.5.orig/src/ulogd.c 2016-03-15 16:15:23.743995611 +0200
+++ ulogd-2.0.5/src/ulogd.c 2016-03-16 15:59:31.459082159 +0200
@@ -571,7 +571,7 @@
INIT_LLIST_HEAD(&pi->plist);
pi->plugin = pl;
pi->stack = stack;
- memcpy(pi->id, pi_id, sizeof(pi->id));
+ strncpy(pi->id, pi_id, sizeof(pi->id));
ptr = (void *)pi + sizeof(*pi);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment