bug 90541

(Portage version: 2.0.51.19)
author: Marcelo Góes <vanquirius@gentoo.org> 2005-05-06 22:16:12 +0000
committer: Marcelo Góes <vanquirius@gentoo.org> 2005-05-06 22:16:12 +0000
commit: 1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd (patch)
tree: 96a583f83622ddf1ab4c3661e4109506bc83e7f4 /net-analyzer/tcpdump/files
parent: Removed old ebuilds. (diff)
download: gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.tar.gz
gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.tar.bz2
gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.zip
2 files changed, 96 insertions, 0 deletions
diff --git a/net-analyzer/tcpdump/files/digest-tcpdump-3.8.3-r2 b/net-analyzer/tcpdump/files/digest-tcpdump-3.8.3-r2
new file mode 100644
index 000000000000..3fe68092ba2f
--- /dev/null
+++ b/net-analyzer/tcpdump/files/digest-tcpdump-3.8.3-r2
@@ -0,0 +1 @@
+MD5 30645001f4b97019677cad88d3811904 tcpdump-3.8.3.tar.gz 567116
diff --git a/net-analyzer/tcpdump/files/tcpdump-3.8.3-gentoo.patch b/net-analyzer/tcpdump/files/tcpdump-3.8.3-gentoo.patch
new file mode 100644
index 000000000000..d18d66ebfb9c
--- /dev/null
+++ b/net-analyzer/tcpdump/files/tcpdump-3.8.3-gentoo.patch
@@ -0,0 +1,95 @@
+diff --exclude='*~' -Naur tcpdump-3.8.3.orig/print-bgp.c tcpdump-3.8.3/print-bgp.c
+--- tcpdump-3.8.3.orig/print-bgp.c	2005-05-06 17:41:55.000000000 -0300
++++ tcpdump-3.8.3/print-bgp.c	2005-05-06 17:45:08.000000000 -0300
+@@ -1216,6 +1216,8 @@
+                             tptr = pptr + len;
+                             break;
+ 			}
++                        if (advance < 0) /* infinite loop protection */
++                            break;
+ 			tptr += advance;
+ 		}
+ 		break;
+diff --exclude='*~' -Naur tcpdump-3.8.3.orig/print-isoclns.c tcpdump-3.8.3/print-isoclns.c
+--- tcpdump-3.8.3.orig/print-isoclns.c	2005-05-06 17:41:55.000000000 -0300
++++ tcpdump-3.8.3/print-isoclns.c	2005-05-06 17:53:57.000000000 -0300
+@@ -1250,11 +1250,11 @@
+ 	    break;
+ 	case L1_CSNP:
+ 	case L2_CSNP:
+-	    printf(", src-id %s", isis_print_id(header_csnp->source_id,SYSTEM_ID_LEN));
++	    printf(", src-id %s", isis_print_id(header_csnp->source_id,NODE_ID_LEN));
+ 	    break;
+ 	case L1_PSNP:
+ 	case L2_PSNP:
+-	    printf(", src-id %s", isis_print_id(header_psnp->source_id,SYSTEM_ID_LEN));
++	    printf(", src-id %s", isis_print_id(header_psnp->source_id,NODE_ID_LEN));
+ 	    break;
+ 
+ 	}
+@@ -1506,6 +1506,9 @@
+                tlv_type,
+                tlv_len);
+ 
++        if (tlv_len == 0) /* something is malformed */
++            break;
++
+         /* now check if we have a decoder otherwise do a hexdump at the end*/
+ 	switch (tlv_type) {
+ 	case TLV_AREA_ADDR:
+@@ -1536,7 +1539,7 @@
+ 	    break;
+ 
+         case TLV_ISNEIGH_VARLEN:
+-            if (!TTEST2(*tptr, 1))
++            if (!TTEST2(*tptr, 1) || tmp < 3) /* min. TLV length */
+ 		goto trunctlv;
+ 	    lan_alen = *tptr++; /* LAN adress length */
+             tmp --;
+diff --exclude='*~' -Naur tcpdump-3.8.3.orig/print-ldp.c tcpdump-3.8.3/print-ldp.c
+--- tcpdump-3.8.3.orig/print-ldp.c	2005-05-06 17:41:55.000000000 -0300
++++ tcpdump-3.8.3/print-ldp.c	2005-05-06 17:49:09.000000000 -0300
+@@ -326,6 +326,9 @@
+                EXTRACT_32BITS(&ldp_msg_header->id),
+                LDP_MASK_U_BIT(EXTRACT_16BITS(&ldp_msg_header->type)) ? "continue processing" : "ignore");
+ 
++        if (msg_len == 0) /* infinite loop protection */
++            break;
++
+         msg_tptr=tptr+sizeof(struct ldp_msg_header);
+         msg_tlen=msg_len-sizeof(struct ldp_msg_header)+4; /* Type & Length fields not included */
+ 
+diff --exclude='*~' -Naur tcpdump-3.8.3.orig/print-rsvp.c tcpdump-3.8.3/print-rsvp.c
+--- tcpdump-3.8.3.orig/print-rsvp.c	2005-05-06 17:41:55.000000000 -0300
++++ tcpdump-3.8.3/print-rsvp.c	2005-05-06 17:51:12.000000000 -0300
+@@ -875,10 +875,17 @@
+             switch(rsvp_obj_ctype) {
+             case RSVP_CTYPE_IPV4:
+                 while(obj_tlen >= 4 ) {
+-                    printf("\n\t    Subobject Type: %s",
++                    printf("\n\t    Subobject Type: %s, length %u",
+                            tok2str(rsvp_obj_xro_values,
+                                    "Unknown %u",
+-                                   RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)));                
++                                   RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)),
++                           *(obj_tptr+1));                
++
++                    if (*(obj_tptr+1) == 0) { /* prevent infinite loops */
++                        printf("\n\t      ERROR: zero length ERO subtype");
++                        break;
++                    }
++
+                     switch(RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)) {
+                     case RSVP_OBJ_XRO_IPV4:
+                         printf(", %s, %s/%u, Flags: [%s]",
+@@ -921,8 +928,8 @@
+                 if (obj_tlen < 8)
+                     return;
+                 printf("\n\t    Restart  Time: %ums, Recovery Time: %ums",
+-                       EXTRACT_16BITS(obj_tptr),
+-                       EXTRACT_16BITS(obj_tptr+4));
++                       EXTRACT_32BITS(obj_tptr),
++                       EXTRACT_32BITS(obj_tptr+4));
+                 obj_tlen-=8;
+                 obj_tptr+=8;
+                 break;
author	Marcelo Góes <vanquirius@gentoo.org>	2005-05-06 22:16:12 +0000
committer	Marcelo Góes <vanquirius@gentoo.org>	2005-05-06 22:16:12 +0000
commit	1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd (patch)
tree	96a583f83622ddf1ab4c3661e4109506bc83e7f4 /net-analyzer/tcpdump/files
parent	Removed old ebuilds. (diff)
download	gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.tar.gz gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.tar.bz2 gentoo-2-1df60fc2cd67a2423cbef2c6e2a59758e69ee4bd.zip