Commit f9f4e0e8 authored by Natanael Copa's avatar Natanael Copa

main/tcpflow: backport fix for CVE-2018-18409

and remove unused patch

ref #10429
parent 8a41419a
......@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=tcpflow
pkgver=1.5.0
pkgrel=0
pkgrel=1
pkgdesc="A Tool for monitoring, capturing and storing TCP connections flows"
url="https://github.com/simsong/tcpflow"
arch="all"
......@@ -12,12 +12,18 @@ makedepends="libpcap-dev zlib-dev boost-dev openssl-dev autoconf automake"
install=""
subpackages="$pkgname-doc"
source="http://fossies.org/linux/misc/$pkgname-$pkgver.tar.gz
configure-missing-m4-files.patch"
CVE-2018-18409.patch
"
builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
# 1.5.0-r1:
# - CVE-2018-18409
builddir="$srcdir"/tcpflow-$pkgver
prepare() {
cd "$builddir"
default_prepare
sed -i 's/test-pdfs.sh//' tests/Makefile.am
autoreconf -fsiv
}
......@@ -44,4 +50,4 @@ package() {
}
sha512sums="eaf518e5e4d95ea9587542cec16a65a8e1518b54e6c23d84355ce11780c99758346db364ba502f90d938e54b01a1e32807d69ed35afb1e5e378a9a009c5609f5 tcpflow-1.5.0.tar.gz
79f6255ca9f94c8ce94b4f2c9736e5ff0c1b307492a7af6d16ea3a14915df144c3322a5410cc31bcc28d6eddc1dd02b08d77f891ecbdd7f2ca99f0b9f9228b15 configure-missing-m4-files.patch"
104ffc29954da657d52881491ed8f3102123f8ed36fbd8f435ffa24d05fe2ef7c34d84b16477c1408bac935497499d8550fec81ffaa84b9b783d09f4b6bab428 CVE-2018-18409.patch"
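Review bot: The bundled CVE-2018-18409.patch carries more than the security fix, and nothing in the APKBUILD records that. Besides the iptree.h bounds check it includes upstream's `AC_INIT(TCPFLOW, 1.5.1, simsong@acm.org)` bump, a ChangeLog entry and a switch to `pcap_findalldevs` in src/tcpflow.cpp. Because `prepare()` runs `autoreconf -fsiv`, the regenerated configure will presumably make the built binary report 1.5.1 while `pkgver` stays 1.5.0, which can mislead version-based vulnerability matching. I would either trim the patch to the iptree.h hunks or add a comment above the source entry such as `# CVE-2018-18409.patch = upstream 89c04b4f + f4097c7c + 0e96c357 (also changes the reported version to 1.5.1)`.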
From 89c04b4fb0e46b3c4f1388686e83966e531cbea9 Mon Sep 17 00:00:00 2001
From: "Simson L. Garfinkel" <simsong@acm.org>
Date: Sat, 20 Oct 2018 07:31:32 -0400
Subject: [PATCH] fixed theoretical stack overflow identified in #195)
---
src/iptree.h | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/src/iptree.h b/src/iptree.h
index 6332e8e..6abf25b 100644
--- a/src/iptree.h
+++ b/src/iptree.h
@@ -241,8 +241,10 @@ private:;
return (addr[i / 8]) & (1<<((7-i)&7));
}
/* set the ith bit to 1 */
- static void setbit(uint8_t *addr,size_t i){
- addr[i / 8] |= (1<<((7-i)&7));
+ static void setbit(uint8_t *addr,size_t addr, size_t i){
+ if ( i/8 < addr) {
+ addr[i / 8] |= (1<<((7-i)&7));
+ }
}
virtual ~iptreet(){} // required per compiler warnings
@@ -388,7 +390,8 @@ private:;
uint8_t addr1[ADDRBYTES];
memset(addr0,0,sizeof(addr0)); memcpy(addr0,addr,(depth+7)/8);
- memset(addr1,0,sizeof(addr1)); memcpy(addr1,addr,(depth+7)/8); setbit(addr1,depth);
+ memset(addr1,0,sizeof(addr1)); memcpy(addr1,addr,(depth+7)/8);
+ setbit(addr1,sizeof(addr1),depth);
if(ptr->ptr0) get_histogram(depth+1,addr0,ptr->ptr0,histogram);
if(ptr->ptr1) get_histogram(depth+1,addr1,ptr->ptr1,histogram);
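Review bot: The copies `memcpy(addr0,addr,(depth+7)/8)` and `memcpy(addr1,addr,(depth+7)/8)` in this hunk are still sized from `depth` alone, so the new bound inside `setbit` is only reached after the copy has already been made. For any `depth` above `ADDRBYTES*8` the copy length exceeds the `ADDRBYTES`-byte stack arrays, which is the same out-of-range condition the `setbit` check guards against. Whether callers can reach that depth is not visible here, since the function starts and ends outside the hunk. If they can, a guard before the copies such as `if ((depth+7)/8 > sizeof(addr0)) return;` would close it.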
@@ -527,8 +530,10 @@ class ip2tree:public iptreet<uint64_t,32> {
/* de-interleave a pair of addresses */
static void un_pair(uint8_t *addr1,uint8_t *addr2,size_t addr12len,size_t *depth1,size_t *depth2,const uint8_t *addr,size_t addrlen,size_t depth){
for(size_t i=0;i<addrlen*8/2;i++){
- if(iptreet<uint64_t,32>::bit(addr,i*2)) iptreet<uint64_t,32>::setbit(addr1,i);
- if(iptreet<uint64_t,32>::bit(addr,i*2+1)) iptreet<uint64_t,32>::setbit(addr2,i);
+ if(iptreet<uint64_t,32>::bit(addr,i*2))
+ iptreet<uint64_t,32>::setbit(addr1,sizeof(addr1),i);
+ if(iptreet<uint64_t,32>::bit(addr,i*2+1))
+ iptreet<uint64_t,32>::setbit(addr2,sizeof(addr2),i);
}
*depth1 = (depth+1)/2;
*depth2 = (depth)/2;
@@ -563,8 +568,10 @@ class ip2tree:public iptreet<uint64_t,32> {
memset(addr,0,sizeof(addr));
/* Interleave on the bit by bit level */
for(size_t i=0;i<addrlen*8;i++){
- if(iptreet<uint64_t,32>::bit(addr1,i)) iptreet<uint64_t,32>::setbit(addr,i*2);
- if(iptreet<uint64_t,32>::bit(addr2,i)) iptreet<uint64_t,32>::setbit(addr,i*2+1);
+ if(iptreet<uint64_t,32>::bit(addr1,i))
+ iptreet<uint64_t,32>::setbit(addr,sizeof(addr),i*2);
+ if(iptreet<uint64_t,32>::bit(addr2,i))
+ iptreet<uint64_t,32>::setbit(addr,sizeof(addr),i*2+1);
}
add(addr,addrlen*2,val); /* Add it */
}
From f4097c7c99ebb7b54d93a426016840072946c410 Mon Sep 17 00:00:00 2001
From: "Simson L. Garfinkel" <simsong@acm.org>
Date: Wed, 21 Nov 2018 17:57:12 -0600
Subject: [PATCH] fixed sizeof(addr1) and sizeof(addr2) error in un_pair
---
src/iptree.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/iptree.h b/src/iptree.h
index 2c717db..0ddfa14 100644
--- a/src/iptree.h
+++ b/src/iptree.h
@@ -530,9 +530,9 @@ class ip2tree:public iptreet<uint64_t,32> {
static void un_pair(uint8_t *addr1,uint8_t *addr2,size_t addr12len,size_t *depth1,size_t *depth2,const uint8_t *addr,size_t addrlen,size_t depth){
for(size_t i=0;i<addrlen*8/2;i++){
if(iptreet<uint64_t,32>::bit(addr,i*2))
- iptreet<uint64_t,32>::setbit(addr1,sizeof(addr1),i);
+ iptreet<uint64_t,32>::setbit(addr1, addr12len, i);
if(iptreet<uint64_t,32>::bit(addr,i*2+1))
- iptreet<uint64_t,32>::setbit(addr2,sizeof(addr2),i);
+ iptreet<uint64_t,32>::setbit(addr2, addr12len, i);
}
*depth1 = (depth+1)/2;
*depth2 = (depth)/2;
From 0e96c3578a79c41eab1e597ccd38e1c612b47810 Mon Sep 17 00:00:00 2001
From: "Simson L. Garfinkel" <simsong@acm.org>
Date: Sun, 18 Nov 2018 16:29:57 -0500
Subject: [PATCH] updated to 1.5.1; added -Wno-address-of-packed-member; fixed
compile errors accidentally introduced.
---
ChangeLog | 4 ++++
configure.ac | 7 ++++++-
src/iptree.h | 4 ++--
src/tcpflow.cpp | 10 ++++++++++
4 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b0682c1..860ec23 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2018-11-18 Simson Garfinkel <simsong@acm.org>
+ * updated for pcap_findalldevs
+ * added -Wno-address-of-packed-member to avoid error
+
2017-07-12 Simson Garfinkel <simsong@acm.org>
* updated to work with Fedora 26 compilers
* Found bug in sbuf.cpp
diff --git a/configure.ac b/configure.ac
index fc48b63..866417e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,7 +7,7 @@
# and http://www.openismus.com/documents/linux/automake/automake.shtml
AC_PREREQ(2.57)
-AC_INIT(TCPFLOW, 1.5.0, simsong@acm.org)
+AC_INIT(TCPFLOW, 1.5.1, simsong@acm.org)
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_FILES([Makefile src/Makefile tests/Makefile doc/Makefile])
@@ -70,6 +70,10 @@ case $host in
LDFLAGS="$LDFLAGS --static"
mingw="yes"
;;
+
+ *)
+ CXXFLAGS="$CXXFLAGS -Wno-address-of-packed-member"
+ ;;
esac
if test x"${mingw}" == "xno" ; then
@@ -348,6 +352,7 @@ located.])
Mmissing_library="$Mmissing_library libpcap "
])
fi
+AC_CHECK_FUNCS([pcap_findalldevs])
dnl set with_wifi to 0 if you do not want it
AC_ARG_ENABLE([wifi],
diff --git a/src/iptree.h b/src/iptree.h
index 6abf25b..5732dbc 100644
--- a/src/iptree.h
+++ b/src/iptree.h
@@ -241,8 +241,8 @@ private:;
return (addr[i / 8]) & (1<<((7-i)&7));
}
/* set the ith bit to 1 */
- static void setbit(uint8_t *addr,size_t addr, size_t i){
- if ( i/8 < addr) {
+ static void setbit(uint8_t *addr,size_t addrlen, size_t i){
+ if ( i/8 < addrlen) {
addr[i / 8] |= (1<<((7-i)&7));
}
}
diff --git a/src/tcpflow.cpp b/src/tcpflow.cpp
index d85dff6..004107f 100644
--- a/src/tcpflow.cpp
+++ b/src/tcpflow.cpp
@@ -461,9 +461,19 @@ static int process_infile(tcpdemux &demux,const std::string &expression,const ch
} else {
/* if the user didn't specify a device, try to find a reasonable one */
if (device == NULL){
+#ifdef HAVE_PCAP_FINDALLDEVS
+ char errbuf[PCAP_ERRBUF_SIZE];
+ pcap_if_t *alldevs = 0;
+ if (pcap_findalldevs(&alldevs,errbuf)){
+ die("%s", errbuf);
+ }
+ device=strdup(alldevs[0].name);
+ pcap_freealldevs(alldevs);
+#else
if ((device = pcap_lookupdev(error)) == NULL){
die("%s", error);
}
+#endif
}
/* make sure we can open the device */
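Review bot: In the `HAVE_PCAP_FINDALLDEVS` branch, `alldevs[0].name` is dereferenced without checking that any device was returned. libpcap documents that `pcap_findalldevs` reports success with the list pointer set to NULL when no devices are found, so on a host with no visible capture interface this becomes a NULL dereference instead of the clean `die()` that the old `pcap_lookupdev` path gave. Adding `if (alldevs == NULL) die("no capture device found");` before the `strdup` fixes that; the `strdup` result is also unchecked. `process_infile` starts and ends outside the hunk.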
diff --git a/configure.ac b/configure.ac
index cdaa5da..b11d9cf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -221,8 +221,8 @@ AC_CHECK_FUNCS([MD5_Init EVP_get_digestbyname])
################################################################
## Includes
-m4_include([src/dfxml/src/dfxml_configure.m4])
-m4_include([src/be13_api/be13_configure.m4])
+#m4_include([src/dfxml/src/dfxml_configure.m4])
+#m4_include([src/be13_api/be13_configure.m4])
################################################################
# PTHREAD support