packages/ndisc6
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:512d0ad3c69aa5b05d8cb2746fb744cbb46d76c8
Branches Tags
packages:main
..
compare: packages:e678b36c7b0888b8a043ea1fbe227a3ac27e1d54
Branches Tags
packages:main

No commits in common. "512d0ad3c69aa5b05d8cb2746fb744cbb46d76c8" and "e678b36c7b0888b8a043ea1fbe227a3ac27e1d54" have entirely different histories.
512d0ad3c6 ... e678b36c7b

4 changed files with 2 additions and 67 deletions
Show Stats Expand all files Collapse all files

34
backport-Fix-potential-integer-overflow-in-parsednssl.patch
View File

@ -1,34 +0,0 @@
From fd9549c0fb0e1916ca553a1abbeebd48f608955d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20H=C3=A4rdeman?= <david@hardeman.nu>
Date: Sun, 11 Feb 2024 18:29:15 +0100
Subject: [PATCH] Fix potential integer overflow in parsednssl()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
optlen is a uint8_t because the length field in the RA header is one octet
(representing the length in units of 8 octets). Later optlen is multiplied by 8
to represent the length in bytes, meaning that the variable can overflow.
Signed-off-by: David Härdeman <david@hardeman.nu>
Signed-off-by: Rémi Denis-Courmont <remi@remlab.net>
---
src/ndisc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ndisc.c b/src/ndisc.c
index 1640794..b190b18 100644
--- a/src/ndisc.c
+++ b/src/ndisc.c
@@ -451,7 +451,7 @@ static int
parsednssl (const uint8_t *opt)
{
const uint8_t *base;
- uint8_t optlen = opt[1];
+ uint16_t optlen = opt[1];
if (optlen < 2)
return -1;
--
2.34.1

BIN
ndisc6-1.0.4.tar.bz2 Normal file
View File

Binary file not shown.

BIN
ndisc6-1.0.7.tar.bz2
View File

Binary file not shown.

35
ndisc6.spec
View File

@ -1,6 +1,6 @@
Name: ndisc6
Version: 1.0.7
Release: 2
Version: 1.0.4
Release: 4
Summary: IPv6 diagnostic tools
License: GPLv2 or GPLv3
URL: http://www.remlab.net/ndisc6
@ -8,7 +8,6 @@ Source0: http://www.remlab.net/files/ndisc6/%{name}-%{version}.tar.bz2
Patch0: bugfix-add-self-mac-check.patch
Patch1: bugfix-add-SO_BINDTODEVICE.patch
Patch2: backport-Fix-potential-integer-overflow-in-parsednssl.patch
BuildRequires: gcc perl-generators
@ -48,36 +47,6 @@ It includes the follwing programs :
%{_mandir}/man*
%changelog
* Tue Jan 7 2025 yinbin <yinbin8@huawei.com> - 1.0.7-2
- Type: bugfix
- ID: NA
- SUG: NA
- DESC: Fix potential integer overflow in parsednssl
* Thu Feb 1 2024 liubo <liubo335@huawei.com> - 1.0.7-1
- Type: requirement
- ID: NA
- SUG: NA
- DESC: update to version 1.0.7
* Mon Jan 9 2023 caofei <caofei@xfusion.com> - 1.0.4-7
- Type:bugfix
- CVE:NA
- SUG:restart
- DESC: Update NEWS
* Sat Jan 7 2023 caofei <caofei@xfusion.com> - 1.0.4-6
- Type:bugfix
- CVE:NA
- SUG:restart
- DESC: Update AUTHORS
* Fri Nov 11 2022 gaoxingwang <gaoxingwang1@huawei.com> - 1.0.4-5
- Type:bugfix
- CVE:NA
- SUG:restart
- DESC: rdnssd: remove unused parameter
* Fri Apr 29 2022 gaoxingwang <gaoxingwang1@huawei.com> - 1.0.4-4
- Type:bugfix
- CVE:NA