rpms
/
libnet
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i10c-beta
rpms:c10-beta
rpms:i9c
rpms:c9
rpms:i9c-beta
rpms:i8c
rpms:c8
...
pull from: rpms:cs10
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i10c-beta
rpms:c10-beta
rpms:i9c
rpms:c9
rpms:i9c-beta
rpms:i8c
rpms:c8

No commits in common. 'c9' and 'cs10' have entirely different histories.
c9 ... cs10

7 changed files with 148 additions and 287 deletions
Show Stats

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/libnet-1.2-repack.tar.gz SOURCES/libnet-1.3.tar.gz

2
.libnet.metadata
Unescape View File

@ -1 +1 @@
ee154e054d5545778a9a318553af9c7181998db9 SOURCES/libnet-1.2-repack.tar.gz 0afd4169eb6be42f5e2a805b5370e1f881d45969 SOURCES/libnet-1.3.tar.gz

34
SOURCES/102.patch
Unescape View File

@ -1,34 +0,0 @@
From 425162fb7a9577f212d44c1b6f6e2ccc36acf131 Mon Sep 17 00:00:00 2001
From: Thomas Habets <habets@google.com>
Date: Fri, 1 Nov 2019 17:08:08 +0000
Subject: [PATCH] Fix possible overflows
---
src/libnet_port_list.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/libnet_port_list.c b/src/libnet_port_list.c
index fff151ea..942a856f 100644
--- a/src/libnet_port_list.c
+++ b/src/libnet_port_list.c
@@ -250,16 +250,17 @@ libnet_plist_chain_dump_string(libnet_plist_t *plist)
{
if (plist->bport == plist->eport)
{
- i = snprintf(&buf[j], BUFSIZ, "%d", plist->bport);
+ i = snprintf(&buf[j], BUFSIZ-j, "%d", plist->bport);
}
else
{
- i = snprintf(&buf[j], BUFSIZ, "%d-%d", plist->bport, plist->eport);
+ i = snprintf(&buf[j], BUFSIZ-j, "%d-%d", plist->bport, plist->eport);
}
j += i;
if (plist->next)
{
- snprintf(&buf[j++], BUFSIZ, ",");
+ snprintf(&buf[j], BUFSIZ-j, ",");
+ j++;
}
}
return (strdup(buf)); /* XXX - reentrancy == no */

205
SOURCES/120.patch
Unescape View File

@ -1,205 +0,0 @@
From fdf4c18b1f2c17eddc871d4a593240a59dd0682f Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Wed, 14 Apr 2021 09:21:50 +0200
Subject: [PATCH 1/3] libnet_port_list.c: fix gcc -fanalyzer warning
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This fixes:
libnet_port_list.c:99:8: warning: leak of _8 [CWE-401] [-Wanalyzer-malloc-leak]
99 | if (!all_lists)
| ^
libnet_plist_chain_new: events 1-3
|
| 48 | if (l == NULL)
| | ^
| | |
| | (1) following false branch (when l_70(D) is non-NULL)...
|......
| 53 | if (token_list == NULL)
| | ~~ ~
| | | |
| | | (3) following false branch (when token_list_71(D) is non-NULL)...
| | (2) ...to here
|
libnet_plist_chain_new: event 4
|
|cc1:
| (4): ...to here
|
libnet_plist_chain_new: events 5-9
|
| 83 | *plist = malloc(sizeof (libnet_plist_t));
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (5) allocated here
| 84 |
| 85 | if (!(*plist))
| | ~
| | |
| | (6) assuming *plist_74(D) is non-NULL
| | (7) following false branch...
|......
| 93 | tmp = *plist;
| | ~~~
| | |
| | (8) ...to here
|......
| 99 | if (!all_lists)
| | ~
| | |
| | (9) _8 leaks here; was allocated at (5)
|
Signed-off-by: Adrian Reber <areber@redhat.com>
---
src/libnet_port_list.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libnet_port_list.c b/src/libnet_port_list.c
index 942a856..a99867c 100644
--- a/src/libnet_port_list.c
+++ b/src/libnet_port_list.c
@@ -101,6 +101,7 @@ libnet_plist_chain_new(libnet_t *l, libnet_plist_t **plist, char *token_list)
all_lists = all_lists_tmp;
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"libnet_build_plist_chain: realloc %s", strerror(errno));
+ free(tmp);
*plist = NULL;
return(-1);
}
From 60d71f03f26d349b4bf069983f625128ddcfdba8 Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Wed, 14 Apr 2021 09:41:27 +0200
Subject: [PATCH 2/3] =?UTF-8?q?libnet=5Fpblock.c:=20fix=20warning=20"unuse?=
=?UTF-8?q?d=20variable=20=E2=80=98c=E2=80=99"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Adrian Reber <areber@redhat.com>
---
src/libnet_pblock.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/libnet_pblock.c b/src/libnet_pblock.c
index fa46d35..e3eb184 100644
--- a/src/libnet_pblock.c
+++ b/src/libnet_pblock.c
@@ -489,7 +489,6 @@ libnet_pblock_coalesce(libnet_t *l, uint8_t **packet, uint32_t *size)
{
if (q->flags & LIBNET_PBLOCK_DO_CHECKSUM)
{
- uint32_t c;
uint8_t* end = *packet + l->aligner + l->total_size;
uint8_t* beg = *packet + n;
int ip_offset = calculate_ip_offset(l, q);
From 5085aebbe93b81eb93bfec5e33c04286f779ceda Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Wed, 14 Apr 2021 10:13:23 +0200
Subject: [PATCH 3/3] libnet_cq.c: fix 'dereference of possibly-NULL'
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
libnet_cq.c:139:18: warning: dereference of possibly-NULL new_18 [CWE-690] [-Wanalyzer-possible-null-dereference]
139 | new->context = l;
| ~~~~~~~~~~~~~^~~
libnet_cq_add.part.0: events 1-6
|
| 71 | libnet_cq_add(libnet_t *l, char *label)
| | ^~~~~~~~~~~~~
| | |
| | (1) entry to libnet_cq_add.part.0
|......
| 89 | if (label == NULL)
| | ~
| | |
| | (2) following false branch (when label_1(D) is non-NULL)...
|......
| 97 | if (l_cq == NULL)
| | ~~ ~
| | | |
| | | (4) following false branch...
| | (3) ...to here
|......
| 124 | if (libnet_cq_dup_check(l, label))
| | ~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | | |
| | | (6) calling libnet_cq_dup_check from libnet_cq_add.part.0
| | (5) ...to here
|
+--> libnet_cq_dup_check: events 7-13
|
| 269 | libnet_cq_dup_check(libnet_t *l, char *label)
| | ^~~~~~~~~~~~~~~~~~~
| | |
| | (7) entry to libnet_cq_dup_check
|......
| 273 | for (p = l_cq; p; p = p->next)
| | ~ ~~~~~~~~~~~
| | | |
| | | (13) ...to here
| | (8) following true branch (when p_6 is non-NULL)...
| 274 | {
| 275 | if (p->context == l)
| | ~~ ~
| | | |
| | | (10) following false branch...
| | (9) ...to here
|......
| 281 | if (strncmp(p->context->label, label, LIBNET_LABEL_SIZE) == 0)
| | ~~ ~
| | | |
| | | (12) following false branch...
| | (11) ...to here
|
<------+
|
libnet_cq_add.part.0: events 14-20
|
| 124 | if (libnet_cq_dup_check(l, label))
| | ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | ||
| | |(14) returning to libnet_cq_add.part.0 from libnet_cq_dup_check
| | (15) following false branch...
|......
| 130 | new = (libnet_cq_t *)malloc(sizeof (libnet_cq_t));
| | ~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | | |
| | | (17) this call could return NULL
| | (16) ...to here
| 131 | if (l_cq == NULL)
| | ~
| | |
| | (18) following false branch...
|......
| 139 | new->context = l;
| | ~~~~~~~~~~~~~~~~
| | | |
| | | (20) new_18 could be NULL: unchecked value from (17)
| | (19) ...to here
|
Signed-off-by: Adrian Reber <areber@redhat.com>
---
src/libnet_cq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libnet_cq.c b/src/libnet_cq.c
index 2234cbc..b3c5677 100644
--- a/src/libnet_cq.c
+++ b/src/libnet_cq.c
@@ -128,7 +128,7 @@ libnet_cq_add(libnet_t *l, char *label)
}
new = (libnet_cq_t *)malloc(sizeof (libnet_cq_t));
- if (l_cq == NULL)
+ if (new == NULL)
{
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): can't malloc new context queue: %s",

100
SOURCES/170.patch
Unescape View File

@ -0,0 +1,100 @@
From 79e4b9df5bfa5e5fbaa9f3ad78ff677bf165611f Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Wed, 7 Aug 2024 11:06:19 +0200
Subject: [PATCH 1/2] libnet_if_addr.c: fix 'Using uninitialized value "rc".'
This fixes static code analysis report:
1. libnet-1.3/src/libnet_if_addr.c:551:5: var_decl: Declaring variable "rc" without initializer.
8. libnet-1.3/src/libnet_if_addr.c:626:5: uninit_use: Using uninitialized value "rc".
# 624| }
# 625|
# 626|-> return rc;
# 627| }
# 628|
The code was jumping to the 'end' label without setting rc to anything.
Doing 'return rc' will indeed return an uninitialized value for some
cases.
This commit removed the 'bad' label and in an error case always jumps to
'end' with rc initialized to -1.
Signed-off-by: Adrian Reber <areber@redhat.com>
---
src/libnet_if_addr.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/libnet_if_addr.c b/src/libnet_if_addr.c
index e0e8b6d4..ab8530c7 100644
--- a/src/libnet_if_addr.c
+++ b/src/libnet_if_addr.c
@@ -548,7 +548,8 @@ libnet_select_device(libnet_t *l)
{
struct libnet_ifaddr_list *address_list = NULL, *al;
uint32_t addr;
- int c, i, rc;
+ int rc = -1;
+ int c, i;
if (l == NULL)
{
@@ -600,7 +601,7 @@ libnet_select_device(libnet_t *l)
if (i <= 0)
{
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE, "%s(): can't find interface for IP %s", __func__, l->device);
- goto bad;
+ goto end;
}
}
else
@@ -610,9 +611,6 @@ libnet_select_device(libnet_t *l)
good:
rc = 1;
- goto end;
-bad:
- rc = -1;
end:
if (address_list) {
for (i = 0; i < c; i++)
From ec512f5ea21deabc9631efffb0acfb3e345107bc Mon Sep 17 00:00:00 2001
From: Adrian Reber <areber@redhat.com>
Date: Wed, 7 Aug 2024 11:15:23 +0200
Subject: [PATCH 2/2] libnet_build_udld.c: fix 'Using uninitialized value "p"
when calling "libnet_pblock_delete"'
Static code analysis reported:
1. libnet-1.3/src/libnet_build_udld.c:11:5: var_decl: Declaring variable "p" without initializer.
4. libnet-1.3/src/libnet_build_udld.c:119:5: uninit_use_in_call: Using uninitialized value "p" when calling "libnet_pblock_delete".
# 117| return libnet_pblock_update(l, p, h, pblock_type);
# 118| bad:
# 119|-> libnet_pblock_delete(l, p);
# 120| return (-1);
# 121| }
The function libnet_pblock_delete() checks if p is not NULL, but it is
called before 'p' is uninitialized and it might point to some random
location. Setting it to NULL will skip running libnet_pblock_delete()
cleanup code on a random memory address.
Signed-off-by: Adrian Reber <areber@redhat.com>
---
src/libnet_build_udld.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libnet_build_udld.c b/src/libnet_build_udld.c
index 731cffe8..315e6ac5 100644
--- a/src/libnet_build_udld.c
+++ b/src/libnet_build_udld.c
@@ -8,7 +8,7 @@ const uint8_t value_s, libnet_t * l, libnet_ptag_t ptag)
{
struct libnet_udld_hdr hdr;
uint32_t n, h;
- libnet_pblock_t *p;
+ libnet_pblock_t *p = NULL;
hdr.tlv__type = tlv_type;
hdr.tlv__length = LIBNET_UDLD_TLV_HDR_SIZE + value_s;

18
SOURCES/libnet_pblock.patch
Unescape View File

@ -1,18 +0,0 @@
diff --git a/src/libnet_pblock.c b/src/libnet_pblock.c
index 9fd015f..fa46d35 100644
--- a/src/libnet_pblock.c
+++ b/src/libnet_pblock.c
@@ -500,10 +500,9 @@ libnet_pblock_coalesce(libnet_t *l, uint8_t **packet, uint32_t *size)
q->ptag, libnet_diag_dump_pblock_type(q->type),
ip_offset);
#endif
- c = libnet_inet_checksum(l, iph,
- libnet_pblock_p2p(q->type), q->h_len,
- beg, end);
- if (c == -1)
+ if (libnet_inet_checksum(l, iph,
+ libnet_pblock_p2p(q->type), q->h_len,
+ beg, end) == -1)
{
/* err msg set in libnet_do_checksum() */
goto err;

70
SPECS/libnet.spec
Unescape View File

@ -1,19 +1,12 @@
Summary: C library for portable packet creation and injection Summary: C library for portable packet creation and injection
Name: libnet Name: libnet
Version: 1.2 Version: 1.3
Release: 7%{?dist} Release: 7%{?dist}
License: BSD License: BSD-2-Clause AND BSD-3-Clause
URL: https://github.com/libnet/libnet URL: https://github.com/libnet/libnet
# This used to be https://github.com/libnet/libnet/releases/download/v%%{version}/%%{name}-%%{version}.tar.gz Source0: https://github.com/libnet/libnet/releases/download/v%{version}/%{name}-%{version}.tar.gz
# But because of licensing a repacked tarball is used
# The repacked tarball has the directory win32/wpdpack removed
# which was never used. Upstream also removed that directory:
# https://github.com/libnet/libnet/commit/eba016f9506d9041e1bc8786c10ca94ebe626057
Source0: libnet-1.2-repack.tar.gz
Patch0: libnet-config.patch Patch0: libnet-config.patch
Patch1: libnet_pblock.patch Patch1: https://github.com/libnet/libnet/pull/170.patch
Patch2: https://patch-diff.githubusercontent.com/raw/libnet/libnet/pull/120.patch
Patch3: https://patch-diff.githubusercontent.com/raw/libnet/libnet/pull/102.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: make BuildRequires: make
BuildRequires: %{_bindir}/pod2man BuildRequires: %{_bindir}/pod2man
@ -53,10 +46,8 @@ developing applications that use libnet.
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch -P 0 -p1
%patch1 -p1 %patch -P 1 -p1
%patch2 -p1
%patch3 -p1
# Avoid library soname bump (https://github.com/libnet/libnet/issues/115) # Avoid library soname bump (https://github.com/libnet/libnet/issues/115)
sed -e 's/-version-info 9:0:0/-version-info 9:0:8/' -i src/Makefile.{am,in} sed -e 's/-version-info 9:0:0/-version-info 9:0:8/' -i src/Makefile.{am,in}
@ -98,6 +89,7 @@ done
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%{_includedir}/%{name}.h %{_includedir}/%{name}.h
%{_includedir}/%{name}/ %{_includedir}/%{name}/
%{_mandir}/man1/%{name}*.1*
%{_mandir}/man3/%{name}*.3* %{_mandir}/man3/%{name}*.3*
%if 0%{!?_without_doc:1} %if 0%{!?_without_doc:1}
@ -106,20 +98,46 @@ done
%endif %endif
%changelog %changelog
* Thu Mar 07 2024 Adrian Reber <areber@redhat.com> - 1.2-7 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.3-7
- Apply upstream patch to fix 3 findings from static application security testing - Bump release for October 2024 mass rebuild:
Resolves: RHEL-27656 Resolves: RHEL-64018
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.2-6 * Wed Aug 07 2024 Adrian Reber <areber@redhat.com> - 1.3-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - applied patch to fix static analysis errors
Related: rhbz#1991688 https://github.com/libnet/libnet/pull/170
* Fri Apr 23 2021 Adrian Reber <areber@redhat.com> - 1.2-5 * Tue Aug 06 2024 Adrian Reber <areber@redhat.com> - 1.3-5
- Repack tarball to remove problematic license from unused code - copy gating.yaml from c9s
- Apply fixes for warnings found by gcc -fanalyzer
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.2-4 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.3-4
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 - Bump release for June 2024 mass rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Oct 03 2023 Gwyn Ciesla <gwync@protonmail.com> - 1.3-1
- 1.3
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Fri Jun 16 2023 Adrian Reber <adrian@lisas.de> - 1.2-8
- migrated to SPDX license
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Apr 08 2021 Adrian Reber <adrian@lisas.de> - 1.2-3 * Thu Apr 08 2021 Adrian Reber <adrian@lisas.de> - 1.2-3
- Fix file conflicts with libnet-devel - Fix file conflicts with libnet-devel

Write Preview
Loading…
Cancel
Save