packages/c-ares
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update c-ares to 1.18.1

Browse Source
This commit is contained in:
eaglegai 2022-01-12 10:48:01 +08:00
parent 9104f2a159
commit ef154d62a3
5 changed files with 12 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
backport-001-CVE-2021-3672.patch
View File

@ -1,83 +0,0 @@
From 362f91d807d293791008cdb7616d40f7784ece83 Mon Sep 17 00:00:00 2001
From: bradh352 <brad@brad-house.com>
Date: Fri, 11 Jun 2021 11:27:45 -0400
Subject: [PATCH] ares_expand_name() should escape more characters
RFC1035 5.1 specifies some reserved characters and escaping sequences
that are allowed to be specified. Expand the list of reserved characters
and also escape non-printable characters using the \DDD format as
specified in the RFC.
Bug Reported By: philipp.jeitner@sit.fraunhofer.de
Fix By: Brad House (@bradh352)
---
src/lib/ares_expand_name.c | 41 +++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/src/lib/ares_expand_name.c b/src/lib/ares_expand_name.c
index 407200ef..f1c874a9 100644
--- a/src/lib/ares_expand_name.c
+++ b/src/lib/ares_expand_name.c
@@ -32,6 +32,26 @@
static int name_length(const unsigned char *encoded, const unsigned char *abuf,
int alen);
+/* Reserved characters for names that need to be escaped */
+static int is_reservedch(int ch)
+{
+ switch (ch) {
+ case '"':
+ case '.':
+ case ';':
+ case '\\':
+ case '(':
+ case ')':
+ case '@':
+ case '$':
+ return 1;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
/* Expand an RFC1035-encoded domain name given by encoded. The
* containing message is given by abuf and alen. The result given by
* *s, which is set to a NUL-terminated allocated buffer. *enclen is
@@ -111,9 +131,18 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
p++;
while (len--)
{
- if (*p == '.' || *p == '\\')
+ if (!isprint(*p)) {
+ /* Output as \DDD for consistency with RFC1035 5.1 */
+ *q++ = '\\';
+ *q++ = '0' + *p / 100;
+ *q++ = '0' + (*p % 100) / 10;
+ *q++ = '0' + (*p % 10);
+ } else if (is_reservedch(*p)) {
*q++ = '\\';
- *q++ = *p;
+ *q++ = *p;
+ } else {
+ *q++ = *p;
+ }
p++;
}
*q++ = '.';
@@ -171,7 +200,13 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
encoded++;
while (offset--)
{
- n += (*encoded == '.' || *encoded == '\\') ? 2 : 1;
+ if (!isprint(*encoded)) {
+ n += 4;
+ } else if (is_reservedch(*encoded)) {
+ n += 2;
+ } else {
+ n += 1;
+ }
encoded++;
}
n++;

108
backport-002-CVE-2021-3672.patch
View File

@ -1,108 +0,0 @@
From 44c009b8e62ea1929de68e3f438181bea469ec14 Mon Sep 17 00:00:00 2001
From: bradh352 <brad@brad-house.com>
Date: Fri, 11 Jun 2021 12:39:24 -0400
Subject: [PATCH] ares_expand_name(): fix formatting and handling of root name
response
Fixes issue introduced in prior commit with formatting and handling
of parsing a root name response which should not be escaped.
Fix By: Brad House
---
src/lib/ares_expand_name.c | 62 ++++++++++++++++++++++++--------------
1 file changed, 40 insertions(+), 22 deletions(-)
diff --git a/src/lib/ares_expand_name.c b/src/lib/ares_expand_name.c
index f1c874a9..eb9268c1 100644
--- a/src/lib/ares_expand_name.c
+++ b/src/lib/ares_expand_name.c
@@ -127,27 +127,37 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
}
else
{
- len = *p;
+ int name_len = *p;
+ len = name_len;
p++;
+
while (len--)
{
- if (!isprint(*p)) {
- /* Output as \DDD for consistency with RFC1035 5.1 */
- *q++ = '\\';
- *q++ = '0' + *p / 100;
- *q++ = '0' + (*p % 100) / 10;
- *q++ = '0' + (*p % 10);
- } else if (is_reservedch(*p)) {
- *q++ = '\\';
- *q++ = *p;
- } else {
- *q++ = *p;
- }
+ /* Output as \DDD for consistency with RFC1035 5.1, except
+ * for the special case of a root name response */
+ if (!isprint(*p) && !(name_len == 1 && *p == 0))
+ {
+
+ *q++ = '\\';
+ *q++ = '0' + *p / 100;
+ *q++ = '0' + (*p % 100) / 10;
+ *q++ = '0' + (*p % 10);
+ }
+ else if (is_reservedch(*p))
+ {
+ *q++ = '\\';
+ *q++ = *p;
+ }
+ else
+ {
+ *q++ = *p;
+ }
p++;
}
*q++ = '.';
}
- }
+ }
+
if (!indir)
*enclen = aresx_uztosl(p + 1U - encoded);
@@ -194,21 +204,29 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
}
else if (top == 0x00)
{
- offset = *encoded;
+ int name_len = *encoded;
+ offset = name_len;
if (encoded + offset + 1 >= abuf + alen)
return -1;
encoded++;
+
while (offset--)
{
- if (!isprint(*encoded)) {
- n += 4;
- } else if (is_reservedch(*encoded)) {
- n += 2;
- } else {
- n += 1;
- }
+ if (!isprint(*encoded) && !(name_len == 1 && *encoded == 0))
+ {
+ n += 4;
+ }
+ else if (is_reservedch(*encoded))
+ {
+ n += 2;
+ }
+ else
+ {
+ n += 1;
+ }
encoded++;
}
+
n++;
}
else

BIN
c-ares-1.17.1.tar.gz
View File

Binary file not shown.

BIN
c-ares-1.18.1.tar.gz Normal file
View File

Binary file not shown.

20
c-ares.spec
View File

@ -1,17 +1,16 @@
Name: c-ares Name: c-ares
Version: 1.17.1 Version: 1.18.1
Release: 2 Release: 1
Summary: A C library for asynchronous DNS requests Summary: A C library for asynchronous DNS requests
License: MIT License: MIT
URL: https://github.com/c-ares/c-ares URL: https://github.com/c-ares/c-ares
Source0: https://github.com/c-ares/c-ares/releases/download/cares-1_17_1/%{name}-%{version}.tar.gz Source0: https://github.com/c-ares/c-ares/releases/download/cares-1_18_1/%{name}-%{version}.tar.gz
BuildRequires: gcc autoconf automake libtool BuildRequires: gcc autoconf automake libtool
# Patch0 from Redhat is applied for stopping overriding AC_CONFIG_MACRO_DIR # Patch0 from Redhat is applied for stopping overriding AC_CONFIG_MACRO_DIR
Patch0: 0000-Use-RPM-compiler-options.patch Patch0: 0000-Use-RPM-compiler-options.patch
Patch1: backport-001-CVE-2021-3672.patch
Patch2: backport-002-CVE-2021-3672.patch
%description %description
This is c-ares, an asynchronous resolver library. It is intended for applications This is c-ares, an asynchronous resolver library. It is intended for applications
which need to perform DNS queries without blocking, or need to perform multiple which need to perform DNS queries without blocking, or need to perform multiple
@ -31,7 +30,7 @@ shared objects are contained in %{name}-devel package.
%build %build
autoreconf -if autoreconf -if
%configure --enable-shared --disable-dependency-tracking %configure --enable-shared --disable-static --disable-dependency-tracking
make %{?_smp_mflags} make %{?_smp_mflags}
%install %install
@ -46,7 +45,6 @@ make %{?_smp_mflags}
%files devel %files devel
%{_libdir}/pkgconfig/*.pc %{_libdir}/pkgconfig/*.pc
%{_libdir}/libcares.so %{_libdir}/libcares.so
%{_libdir}/libcares.a
%{_includedir}/*.h %{_includedir}/*.h
%files help %files help
@ -54,6 +52,12 @@ make %{?_smp_mflags}
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Wed Jan 12 2022 gaihuiying <gaihuiying1@huawei.com> - 1.18.1-1
- Type:requirement
- Id:NA
- SUG:NA
- DESC:update c-ares to 1.18.1
* Thu Aug 12 2021 gaihuiying <gaihuiying1@huawei.com> - 1.17.1-2 * Thu Aug 12 2021 gaihuiying <gaihuiying1@huawei.com> - 1.17.1-2
- fix CVE-2021-3672 - fix CVE-2021-3672