1 |
jer 11/08/01 20:12:52 |
2 |
|
3 |
Added: packit-1.0-format.patch packit-1.0-overflow.patch |
4 |
Log: |
5 |
Fix buffer overflows (bug #337851). Fix MAC address output format. |
6 |
|
7 |
(Portage version: 2.2.0_alpha49/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 net-analyzer/packit/files/packit-1.0-format.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/packit/files/packit-1.0-format.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/packit/files/packit-1.0-format.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: packit-1.0-format.patch |
16 |
=================================================================== |
17 |
The original objective seems to have been to apply padding, but this |
18 |
is not done at all: instead, set a precision. -JeR |
19 |
|
20 |
--- a/src/shape_arp_hdr.c |
21 |
+++ b/src/shape_arp_hdr.c |
22 |
@@ -94,7 +94,7 @@ |
23 |
if(format_ethernet_addr(ahdr_o.s_eaddr, s_neaddr) == 0) |
24 |
fatal_error("Invalid sender ethernet address"); |
25 |
|
26 |
- snprintf(ahdr_o.shw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", |
27 |
+ snprintf(ahdr_o.shw_addr, 18, "%.2X:%.2X:%.2X:%.2X:%.2X:%.2X", |
28 |
s_neaddr[0], s_neaddr[1], s_neaddr[2], s_neaddr[3], s_neaddr[4], s_neaddr[5]); |
29 |
|
30 |
if(ahdr_o.r_paddr == NULL) |
31 |
@@ -139,7 +139,7 @@ |
32 |
if(format_ethernet_addr(ahdr_o.r_eaddr, r_neaddr) == 0) |
33 |
fatal_error("Invalid receiver ethernet address"); |
34 |
|
35 |
- snprintf(ahdr_o.rhw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", |
36 |
+ snprintf(ahdr_o.rhw_addr, 18, "%.2X:%.2X:%.2X:%.2X:%.2X:%.2X", |
37 |
r_neaddr[0], r_neaddr[1], r_neaddr[2], r_neaddr[3], r_neaddr[4], r_neaddr[5]); |
38 |
|
39 |
if(libnet_build_arp( |
40 |
--- a/src/shape_ethernet_hdr.c.org |
41 |
+++ b/src/shape_ethernet_hdr.c |
42 |
@@ -56,7 +56,7 @@ |
43 |
if(format_ethernet_addr(ehdr_o.s_addr, us_addr) == 0) |
44 |
fatal_error("Invalid source ethernet address"); |
45 |
|
46 |
- snprintf(ehdr_o.shw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", |
47 |
+ snprintf(ehdr_o.shw_addr, 18, "%.2X:%.2X:%.2X:%.2X:%.2X:%.2X", |
48 |
us_addr[0], us_addr[1], us_addr[2], us_addr[3], us_addr[4], us_addr[5]); |
49 |
|
50 |
if(ehdr_o.d_addr == NULL && injection_type == ETHERTYPE_ARP) |
51 |
@@ -71,7 +71,7 @@ |
52 |
if(format_ethernet_addr(ehdr_o.d_addr, ud_addr) == 0) |
53 |
fatal_error("Invalid destination ethernet address"); |
54 |
|
55 |
- snprintf(ehdr_o.dhw_addr, 18, "%0X:%0X:%0X:%0X:%0X:%0X", |
56 |
+ snprintf(ehdr_o.dhw_addr, 18, "%.2X:%.2X:%.2X:%.2X:%.2X:%.2X", |
57 |
ud_addr[0], ud_addr[1], ud_addr[2], ud_addr[3], ud_addr[4], ud_addr[5]); |
58 |
|
59 |
if(libnet_build_ethernet( |
60 |
|
61 |
|
62 |
|
63 |
1.1 net-analyzer/packit/files/packit-1.0-overflow.patch |
64 |
|
65 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/packit/files/packit-1.0-overflow.patch?rev=1.1&view=markup |
66 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/packit/files/packit-1.0-overflow.patch?rev=1.1&content-type=text/plain |
67 |
|
68 |
Index: packit-1.0-overflow.patch |
69 |
=================================================================== |
70 |
--- a/src/utils.c |
71 |
+++ b/src/utils.c |
72 |
@@ -137,7 +137,7 @@ |
73 |
#endif |
74 |
|
75 |
va_start(va, msgp); |
76 |
- vsnprintf(msg, 256, msgp, va); |
77 |
+ vsnprintf(msg, 255, msgp, va); |
78 |
|
79 |
msg_len = strlen(msg); |
80 |
|
81 |
--- a/src/exit.c |
82 |
+++ b/src/exit.c |
83 |
@@ -36,7 +36,7 @@ |
84 |
while(1) |
85 |
{ |
86 |
fprintf(stderr, "\n\nWould you like to quit? (y/n): "); |
87 |
- fgets(a, 16, stdin); |
88 |
+ fgets(a, 2, stdin); |
89 |
|
90 |
if(!strncasecmp(a, "Y", 1)) |
91 |
break; |
92 |
--- a/src/define_defaults.c |
93 |
+++ b/src/define_defaults.c |
94 |
@@ -36,7 +36,7 @@ |
95 |
rand_d_port = (p_mode == M_TRACE) ? 1 : 0; |
96 |
r_timeout = 1; |
97 |
burst_rate = 1; |
98 |
- hwaddr_p[17] = 0; |
99 |
+ /* hwaddr_p[18] = 0; */ |
100 |
init_type = 1; |
101 |
interval_sec = 1; |
102 |
interval_usec = 0; |
103 |
--- a/src/inject_defs.h |
104 |
+++ b/src/inject_defs.h |
105 |
@@ -132,9 +132,9 @@ |
106 |
u_int16_t rand_d_addr; |
107 |
|
108 |
u_int8_t *s_addr; /* source ethernet address string */ |
109 |
- u_int8_t shw_addr[17]; |
110 |
+ u_int8_t shw_addr[18]; |
111 |
u_int8_t *d_addr; /* destination ethernet address string */ |
112 |
- u_int8_t dhw_addr[17]; |
113 |
+ u_int8_t dhw_addr[18]; |
114 |
} ehdr_o; |
115 |
|
116 |
struct arphdr_opts |
117 |
@@ -153,8 +153,8 @@ |
118 |
u_int8_t *r_eaddr; /* receiver ethernet address */ |
119 |
u_int16_t rand_r_eaddr; |
120 |
|
121 |
- u_int8_t shw_addr[17]; |
122 |
- u_int8_t rhw_addr[17]; |
123 |
+ u_int8_t shw_addr[18]; |
124 |
+ u_int8_t rhw_addr[18]; |
125 |
} ahdr_o; |
126 |
|
127 |
libnet_t *pkt_d; |