1 |
pva 08/01/31 13:28:29 |
2 |
|
3 |
Modified: netperf-fix-scripts.patch |
4 |
Added: netperf-CVE-2007-1444.patch |
5 |
Removed: netperf-2.2alpha.diff |
6 |
Log: |
7 |
Version bump. Fixed security issue (CVE-2007-1444), bug 170569, reported by Pierre-Yves Rofes <py AT gentoo.org>. Patch for vulnerability taken from bugs.debian.org/413658, thank you Nico Golde <nion AT debian.org> for the fix! Remove old. |
8 |
(Portage version: 2.1.3.19) |
9 |
|
10 |
Revision Changes Path |
11 |
1.2 net-analyzer/netperf/files/netperf-fix-scripts.patch |
12 |
|
13 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/netperf/files/netperf-fix-scripts.patch?rev=1.2&view=markup |
14 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/netperf/files/netperf-fix-scripts.patch?rev=1.2&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/netperf/files/netperf-fix-scripts.patch?r1=1.1&r2=1.2 |
16 |
|
17 |
Index: netperf-fix-scripts.patch |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/netperf/files/netperf-fix-scripts.patch,v |
20 |
retrieving revision 1.1 |
21 |
retrieving revision 1.2 |
22 |
diff -u -r1.1 -r1.2 |
23 |
--- netperf-fix-scripts.patch 29 Jan 2007 20:05:05 -0000 1.1 |
24 |
+++ netperf-fix-scripts.patch 31 Jan 2008 13:28:29 -0000 1.2 |
25 |
@@ -1,44 +1,31 @@ |
26 |
-diff -u doc/examples.ori/arr_script doc/examples/arr_script |
27 |
---- doc/examples.ori/arr_script 2007-01-29 20:01:45.000000000 +0000 |
28 |
-+++ doc/examples/arr_script 2007-01-29 20:01:16.000000000 +0000 |
29 |
-@@ -10,8 +10,8 @@ |
30 |
+diff -Naur netperf-2.4.4.orig/doc/examples/arr_script netperf-2.4.4/doc/examples/arr_script |
31 |
+--- netperf-2.4.4.orig/doc/examples/arr_script 2007-06-02 02:06:03.000000000 +0400 |
32 |
++++ netperf-2.4.4/doc/examples/arr_script 2008-01-31 15:34:54.000000000 +0300 |
33 |
+@@ -12,8 +12,7 @@ |
34 |
TOLERANCE=15 |
35 |
MAX_RETRIES=3 |
36 |
|
37 |
- NETPERF="/usr/local/netperf/netperf" |
38 |
- NETPERF="./netperf" |
39 |
-+# NETPERF="/usr/local/netperf/netperf" |
40 |
+ NETPERF="/usr/bin/netperf" |
41 |
|
42 |
NPROC_LIST="" |
43 |
RR_SIZES="" |
44 |
-diff -u doc/examples.ori/packet_byte_script doc/examples/packet_byte_script |
45 |
---- doc/examples.ori/packet_byte_script 2007-01-29 20:01:45.000000000 +0000 |
46 |
-+++ doc/examples/packet_byte_script 2007-01-29 20:01:16.000000000 +0000 |
47 |
-@@ -22,7 +22,7 @@ |
48 |
+diff -Naur netperf-2.4.4.orig/doc/examples/packet_byte_script netperf-2.4.4/doc/examples/packet_byte_script |
49 |
+--- netperf-2.4.4.orig/doc/examples/packet_byte_script 2008-01-31 15:23:26.000000000 +0300 |
50 |
++++ netperf-2.4.4/doc/examples/packet_byte_script 2008-01-31 15:35:21.000000000 +0300 |
51 |
+@@ -25,7 +25,7 @@ |
52 |
fi |
53 |
|
54 |
# where is netperf |
55 |
--NETPERF_CMD=${NETPERF_CMD:=/opt/netperf/netperf} |
56 |
-+NETPERF_CMD=${NETPERF_CMD:=/usr/bin/netperf} |
57 |
+-NETPERF_DIR=${NETPERF_DIR:=/opt/netperf2/bin} |
58 |
++NETPERF_DIR=${NETPERF_DIR:=/usr/bin} |
59 |
|
60 |
- # at what port will netserver be waiting? If you decide to run |
61 |
- # netserver at a differnet port than the default of 12865, then set |
62 |
-diff -u doc/examples.ori/sctp_stream_script doc/examples/sctp_stream_script |
63 |
---- doc/examples.ori/sctp_stream_script 2007-01-29 20:01:45.000000000 +0000 |
64 |
-+++ doc/examples/sctp_stream_script 2007-01-29 20:01:16.000000000 +0000 |
65 |
-@@ -24,7 +24,7 @@ |
66 |
- # where the programs are |
67 |
- #NETHOME=/usr/local/netperf |
68 |
- #NETHOME="/opt/netperf" |
69 |
--NETHOME=. |
70 |
-+NETHOME=/usr/bin/ |
71 |
|
72 |
# at what port will netserver be waiting? If you decide to run |
73 |
- # netserver at a differnet port than the default of 12865, then set |
74 |
-diff -u doc/examples.ori/snapshot_script doc/examples/snapshot_script |
75 |
---- doc/examples.ori/snapshot_script 2007-01-29 20:01:45.000000000 +0000 |
76 |
-+++ doc/examples/snapshot_script 2007-01-29 20:01:16.000000000 +0000 |
77 |
+diff -Naur netperf-2.4.4.orig/doc/examples/snapshot_script netperf-2.4.4/doc/examples/snapshot_script |
78 |
+--- netperf-2.4.4.orig/doc/examples/snapshot_script 2007-06-02 02:06:03.000000000 +0400 |
79 |
++++ netperf-2.4.4/doc/examples/snapshot_script 2008-01-31 15:35:38.000000000 +0300 |
80 |
@@ -37,7 +37,7 @@ |
81 |
# |
82 |
# where is netperf installed, there are a few possible places: |
83 |
@@ -48,64 +35,3 @@ |
84 |
|
85 |
|
86 |
# there should be no more than two parms passed |
87 |
-Only in doc/examples: .svn |
88 |
-diff -u doc/examples.ori/tcp_range_script doc/examples/tcp_range_script |
89 |
---- doc/examples.ori/tcp_range_script 2007-01-29 20:01:45.000000000 +0000 |
90 |
-+++ doc/examples/tcp_range_script 2007-01-29 20:01:16.000000000 +0000 |
91 |
-@@ -43,7 +43,7 @@ |
92 |
- # where is netperf, and are there any "constant" options such as |
93 |
- # the netserver port number |
94 |
- #NETHOME=/usr/etc/net_perf |
95 |
--NETHOME="." |
96 |
-+NETHOME="/usr/bin" |
97 |
- NETPERF=$NETHOME/netperf $PORT |
98 |
- |
99 |
- # How accurate we want the estimate of performance: |
100 |
-diff -u doc/examples.ori/tcp_rr_script doc/examples/tcp_rr_script |
101 |
---- doc/examples.ori/tcp_rr_script 2007-01-29 20:01:45.000000000 +0000 |
102 |
-+++ doc/examples/tcp_rr_script 2007-01-29 20:01:16.000000000 +0000 |
103 |
-@@ -25,7 +25,7 @@ |
104 |
- # where the programs are |
105 |
- #NETHOME=/usr/local/netperf |
106 |
- #NETHOME="/opt/netperf" |
107 |
--NETHOME=. |
108 |
-+NETHOME="/usr/bin" |
109 |
- |
110 |
- # at what port will netserver be waiting? If you decide to run |
111 |
- # netserver at a differnet port than the default of 12865, then set |
112 |
-diff -u doc/examples.ori/tcp_stream_script doc/examples/tcp_stream_script |
113 |
---- doc/examples.ori/tcp_stream_script 2007-01-29 20:01:45.000000000 +0000 |
114 |
-+++ doc/examples/tcp_stream_script 2007-01-29 20:01:16.000000000 +0000 |
115 |
-@@ -24,7 +24,7 @@ |
116 |
- # where the programs are |
117 |
- #NETHOME=/usr/local/netperf |
118 |
- #NETHOME="/opt/netperf" |
119 |
--NETHOME=. |
120 |
-+NETHOME="/usr/bin" |
121 |
- |
122 |
- # at what port will netserver be waiting? If you decide to run |
123 |
- # netserver at a different port than the default of 12865, then set |
124 |
-diff -u doc/examples.ori/udp_rr_script doc/examples/udp_rr_script |
125 |
---- doc/examples.ori/udp_rr_script 2007-01-29 20:01:45.000000000 +0000 |
126 |
-+++ doc/examples/udp_rr_script 2007-01-29 20:01:16.000000000 +0000 |
127 |
-@@ -22,7 +22,7 @@ |
128 |
- |
129 |
- #NETHOME=/usr/local/netperf |
130 |
- #NETHOME="/opt/netperf" |
131 |
--NETHOME="." |
132 |
-+NETHOME="/usr/bin" |
133 |
- |
134 |
- # at what port will netserver be waiting? If you decide to run |
135 |
- # netserver at a differnet port than the default of 12865, then set |
136 |
-diff -u doc/examples.ori/udp_stream_script doc/examples/udp_stream_script |
137 |
---- doc/examples.ori/udp_stream_script 2007-01-29 20:01:45.000000000 +0000 |
138 |
-+++ doc/examples/udp_stream_script 2007-01-29 20:01:16.000000000 +0000 |
139 |
-@@ -19,7 +19,7 @@ |
140 |
- |
141 |
- #NETHOME=/usr/local/netperf |
142 |
- #NETHOME="/opt/netperf" |
143 |
--NETHOME="." |
144 |
-+NETHOME="/usr/bin" |
145 |
- |
146 |
- # at what port will netserver be waiting? If you decide to run |
147 |
- # netserver at a differnet port than the default of 12865, then set |
148 |
|
149 |
|
150 |
|
151 |
1.1 net-analyzer/netperf/files/netperf-CVE-2007-1444.patch |
152 |
|
153 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/netperf/files/netperf-CVE-2007-1444.patch?rev=1.1&view=markup |
154 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/netperf/files/netperf-CVE-2007-1444.patch?rev=1.1&content-type=text/plain |
155 |
|
156 |
Index: netperf-CVE-2007-1444.patch |
157 |
=================================================================== |
158 |
diff -Naur netperf-2.4.4.orig/src/netlib.c netperf-2.4.4.patched/src/netlib.c |
159 |
--- netperf-2.4.4.orig/src/netlib.c 2007-10-18 01:16:02.000000000 +0400 |
160 |
+++ netperf-2.4.4.patched/src/netlib.c 2008-01-30 22:03:01.000000000 +0300 |
161 |
@@ -244,6 +244,7 @@ |
162 |
union netperf_response_struct netperf_response; |
163 |
|
164 |
FILE *where; |
165 |
+int fd = -1; |
166 |
|
167 |
char libfmt = '?'; |
168 |
|
169 |
diff -Naur netperf-2.4.4.orig/src/netlib.h netperf-2.4.4.patched/src/netlib.h |
170 |
--- netperf-2.4.4.orig/src/netlib.h 2007-10-18 01:17:37.000000000 +0400 |
171 |
+++ netperf-2.4.4.patched/src/netlib.h 2008-01-30 21:46:34.000000000 +0300 |
172 |
@@ -445,6 +445,7 @@ |
173 |
extern SOCKET server_sock; |
174 |
extern int times_up; |
175 |
extern FILE *where; |
176 |
+extern int fd; |
177 |
extern int loops_per_msec; |
178 |
extern float lib_local_per_cpu_util[]; |
179 |
|
180 |
diff -Naur netperf-2.4.4.orig/src/netserver.c netperf-2.4.4.patched/src/netserver.c |
181 |
--- netperf-2.4.4.orig/src/netserver.c 2007-10-18 01:09:12.000000000 +0400 |
182 |
+++ netperf-2.4.4.patched/src/netserver.c 2008-01-30 21:57:56.000000000 +0300 |
183 |
@@ -153,6 +153,9 @@ |
184 |
char listen_port[10]; |
185 |
extern char *optarg; |
186 |
extern int optind, opterr; |
187 |
+#if !defined(WIN_32) |
188 |
+char debuglog[] = "/tmp/netperf.debugXXXXXX"; |
189 |
+#endif |
190 |
|
191 |
#ifndef WIN32 |
192 |
#define SERVER_ARGS "dL:n:p:v:V46" |
193 |
@@ -225,6 +228,10 @@ |
194 |
if (!debug) |
195 |
{ |
196 |
fclose(where); |
197 |
+#if !defined(WIN32) |
198 |
+ unlink(debuglog); |
199 |
+ close(fd); |
200 |
+#endif |
201 |
#if !defined(WIN32) && !defined(MPE) && !defined(__VMS) |
202 |
/* For Unix: reopen the debug write file descriptor to "/dev/null" */ |
203 |
/* and redirect stdout to it. */ |
204 |
@@ -918,8 +925,11 @@ |
205 |
strcpy(FileName, DEBUG_LOG_FILE); |
206 |
|
207 |
#ifndef WIN32 |
208 |
- snprintf(&FileName[strlen(FileName)], sizeof(FileName) - strlen(FileName), "_%d", getpid()); |
209 |
- if ((where = fopen(FileName, "w")) == NULL) { |
210 |
+ if((fd = mkstemp(debuglog)) == -1 || (where = fdopen(fd, "w+")) == NULL){ |
211 |
+ if(fd != -1){ |
212 |
+ unlink(debuglog); |
213 |
+ close(fd); |
214 |
+ } |
215 |
perror("netserver: debug file"); |
216 |
exit(1); |
217 |
} |
218 |
@@ -947,10 +957,6 @@ |
219 |
} |
220 |
} |
221 |
#endif |
222 |
- |
223 |
-#ifndef WIN32 |
224 |
- chmod(DEBUG_LOG_FILE,0644); |
225 |
-#endif |
226 |
|
227 |
#if WIN32 |
228 |
if (child) { |
229 |
|
230 |
|
231 |
|
232 |
-- |
233 |
gentoo-commits@l.g.o mailing list |