Package init

2019-12-25 15:59:16 +08:00 · 2019-12-25 15:59:16 +08:00 · 79330e12fe
commit 79330e12fe
parent b8f648a41d
2 changed files with 51 additions and 1 deletions
--- a/CVE-2018-15173.patch
+++ b/CVE-2018-15173.patch
@ -0,0 +1,43 @@
+From 6d8bb6df229f7acf768bcebfe14cdc8c3dbbe92b Mon Sep 17 00:00:00 2001
+From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Wed, 8 Aug 2018 16:36:21 +0000
+Subject: [PATCH] Set limits on PCRE matches to avoid issues like #1147
+
+---
+ service_scan.cc | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/service_scan.cc b/service_scan.cc
+index 1fc8056884..79e92b8f21 100644
+--- a/service_scan.cc
+++ b/service_scan.cc
+@@ -489,6 +489,15 @@ void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) {
+   if (pcre_errptr != NULL)
+     fatal("%s: failed to pcre_study regexp on line %d of nmap-service-probes: %s\n", __func__, lineno, pcre_errptr);
+ 
+  // Set some limits to avoid evil match cases.
+  // These are flexible; if they cause problems, increase them.
+#ifdef PCRE_ERROR_MATCHLIMIT
+  regex_extra->match_limit = 100000; // 100K
+#endif
+#ifdef PCRE_ERROR_RECURSIONLIMIT
+  regex_extra->match_limit_recursion = 10000; // 10K
+#endif
+
+   free(modestr);
+   free(flags);
+ 
+@@ -568,6 +577,12 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle
+       if (o.debugging || o.verbose > 1)
+         error("Warning: Hit PCRE_ERROR_MATCHLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
+     } else
+#endif // PCRE_ERROR_MATCHLIMIT
+#ifdef PCRE_ERROR_RECURSIONLIMIT
+    if (rc == PCRE_ERROR_RECURSIONLIMIT) {
+      if (o.debugging || o.verbose > 1)
+        error("Warning: Hit PCRE_ERROR_RECURSIONLIMIT when probing for service %s with the regex '%s'", servicename, matchstr);
+    } else
+ #endif // PCRE_ERROR_MATCHLIMIT
+       if (rc != PCRE_ERROR_NOMATCH) {
+         fatal("Unexpected PCRE error (%d) when probing for service %s with the regex '%s'", rc, servicename, matchstr);
+
--- a/nmap.spec
+++ b/nmap.spec
@ -3,7 +3,7 @@
 Name:                nmap
 Epoch:               2
 Version:             7.70
-Release:             8
+Release:             9
 License:             Nmap
 Summary:             A tool for network discovery and security auditing.
 Requires:            %{name}-ncat = %{epoch}:%{version}-%{release}
@ -15,6 +15,7 @@ Patch2:              nmap-4.52-noms.patch
 Patch3:              ncat_reg_stdin.patch
 Patch4:              nmap-6.25-displayerror.patch
 Patch6000:           CVE-2017-18594.patch
+Patch6001:	     CVE-2018-15173.patch

 BuildRequires:       gcc-c++ openssl-devel gtk2-devel lua-devel libpcap-devel pcre-devel desktop-file-utils
 BuildRequires:       dos2unix libtool automake autoconf gettext-devel libssh2-devel
@ -73,6 +74,12 @@ ln -s ncat %{buildroot}%{_bindir}/nc
 %{_mandir}/man1/*.1.gz

 %changelog
+* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 2:7.70-9
+- Type:cves
+- ID:CVE-2018-15173
+- SUG:restart
+- DESC:fix CVE-2018-15173
+
 * Mon Oct 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 2:7.70-8
 - Type:enhancement
 - Id:NA