NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

libnl: don't download patch from Github

Browse Source 
Patches downloaded from Github are not stable, so bring them in the
tree.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2017-07-03 00:30:42 +02:00
parent 5cbce09b80
commit 6826e2ee8a
3 changed files with 38 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
package/libnl/0001-lib-check-for-integer-overflow-in-nlmsg_reserve.patch Normal file
View File

@ -0,0 +1,38 @@
From 3e18948f17148e6a3c4255bdeaaf01ef6081ceeb Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 6 Feb 2017 22:23:52 +0100
Subject: [PATCH] lib: check for integer-overflow in nlmsg_reserve()
In general, libnl functions are not robust against calling with
invalid arguments. Thus, never call libnl functions with invalid
arguments. In case of nlmsg_reserve() this means never provide
a @len argument that causes overflow.
Still, add an additional safeguard to avoid exploiting such bugs.
Assume that @pad is a trusted, small integer.
Assume that n->nm_size is a valid number of allocated bytes (and thus
much smaller then SIZE_T_MAX).
Assume, that @len may be set to an untrusted value. Then the patch
avoids an integer overflow resulting in reserving too few bytes.
[Upstream commit: https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
lib/msg.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/msg.c b/lib/msg.c
index 9af3f3a0..3e27d4e0 100644
--- a/lib/msg.c
+++ b/lib/msg.c
@@ -411,6 +411,9 @@ void *nlmsg_reserve(struct nl_msg *n, size_t len, int pad)
size_t nlmsg_len = n->nm_nlh->nlmsg_len;
size_t tlen;
+ if (len > n->nm_size)
+ return NULL;
+
tlen = pad ? ((len + (pad - 1)) & ~(pad - 1)) : len;
if ((tlen + nlmsg_len) > n->nm_size)

1
package/libnl/libnl.hash
View File

@ -1,3 +1,2 @@
# From https://github.com/thom311/libnl/releases/download/libnl3_2_27/libnl-3.2.27.tar.gz.sha256sum
sha256 4bbbf92b3c78a90f423cf96260bf419a28b75db8cced47051217a56795f58ec6 libnl-3.2.27.tar.gz
sha256 b7bb929194eefc56c786a7e1ae5176b54713f9013ccec63760f232742ae80361 3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch

2
package/libnl/libnl.mk
View File

@ -11,8 +11,6 @@ LIBNL_LICENSE_FILES = COPYING
LIBNL_INSTALL_STAGING = YES
LIBNL_DEPENDENCIES = host-bison host-flex
LIBNL_PATCH = https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch
ifeq ($(BR2_PACKAGE_LIBNL_TOOLS),y)
LIBNL_CONF_OPTS += --enable-cli
else