summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeroen Roovers <jer@gentoo.org>2020-07-22 09:21:32 +0200
committerJeroen Roovers <jer@gentoo.org>2020-07-22 09:22:17 +0200
commitc02681fcb7839ac1829ec09394334ddbca1b0aea (patch)
tree8502cf101b584ef24de94e42cb2e92a6daddab4c /net-libs/nDPI
parentdev-lang/cxprolog: respect LDFLAGS (diff)
downloadgentoo-c02681fcb7839ac1829ec09394334ddbca1b0aea.tar.gz
gentoo-c02681fcb7839ac1829ec09394334ddbca1b0aea.tar.bz2
gentoo-c02681fcb7839ac1829ec09394334ddbca1b0aea.zip
net-libs/nDPI: Add fix for oob in kerberos dissector
Package-Manager: Portage-3.0.0, Repoman-2.3.23 Bug: https://bugs.gentoo.org/719084 Signed-off-by: Jeroen Roovers <jer@gentoo.org>
Diffstat (limited to 'net-libs/nDPI')
-rw-r--r--net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch23
-rw-r--r--net-libs/nDPI/nDPI-3.2-r2.ebuild65
2 files changed, 88 insertions, 0 deletions
diff --git a/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
new file mode 100644
index 000000000000..cd34875890cd
--- /dev/null
+++ b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
@@ -0,0 +1,23 @@
+From 6735bb35c65c60a777557c3277546d5801729995 Mon Sep 17 00:00:00 2001
+From: Alfredo Cardigliano <alfredo.cardigliano@gmail.com>
+Date: Tue, 21 Jul 2020 00:46:37 +0200
+Subject: [PATCH] Fix oob in kerberos dissector
+
+---
+ src/lib/protocols/kerberos.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/protocols/kerberos.c b/src/lib/protocols/kerberos.c
+index 2bacbf51..2ed824fa 100644
+--- a/src/lib/protocols/kerberos.c
++++ b/src/lib/protocols/kerberos.c
+@@ -185,7 +185,8 @@ void ndpi_search_kerberos(struct ndpi_detection_module_struct *ndpi_struct,
+
+ body_offset = koffsetp + 1 + pad_len;
+
+- for(i=0; i<10; i++) if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
++ for(i=0; i<10 && body_offset < packet->payload_packet_len; i++)
++ if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
+ #ifdef KERBEROS_DEBUG
+ printf("body_offset=%u [%02X %02X] [byte 0 must be 0x05]\n", body_offset, packet->payload[body_offset], packet->payload[body_offset+1]);
+ #endif
diff --git a/net-libs/nDPI/nDPI-3.2-r2.ebuild b/net-libs/nDPI/nDPI-3.2-r2.ebuild
new file mode 100644
index 000000000000..12a23bb316ae
--- /dev/null
+++ b/net-libs/nDPI/nDPI-3.2-r2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit autotools multilib
+
+DESCRIPTION="Open Source Deep Packet Inspection Software Toolkit"
+HOMEPAGE="https://www.ntop.org/"
+SRC_URI="https://github.com/ntop/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0/$(ver_cut 1)"
+KEYWORDS="~amd64 ~x86"
+IUSE="static-libs"
+
+DEPEND="
+ dev-libs/json-c:=
+ net-libs/libpcap
+"
+RDEPEND="
+ ${DEPEND}
+"
+PATCHES=(
+ "${FILESDIR}"/${PN}-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch
+ "${FILESDIR}"/${PN}-3.2-0001-Added-fix-for-serialization-loop.patch
+ "${FILESDIR}"/${PN}-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch
+ "${FILESDIR}"/${PN}-3.2-0003-Fixed-invalid-allocation.patch
+ "${FILESDIR}"/${PN}-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch
+ "${FILESDIR}"/${PN}-3.2-0005-Fix-oob-in-kerberos-dissector.patch
+)
+
+src_prepare() {
+ eval $(grep '^NDPI_MAJOR=' autogen.sh)
+ eval $(grep '^NDPI_MINOR=' autogen.sh)
+ eval $(grep '^NDPI_PATCH=' autogen.sh)
+ NDPI_VERSION_SHORT="${NDPI_MAJOR}.${NDPI_MINOR}.${NDPI_PATCH}"
+
+ sed \
+ -e "s/@NDPI_MAJOR@/${NDPI_MAJOR}/g" \
+ -e "s/@NDPI_MINOR@/${NDPI_MINOR}/g" \
+ -e "s/@NDPI_PATCH@/${NDPI_PATCH}/g" \
+ -e "s/@NDPI_VERSION_SHORT@/${NDPI_VERSION_SHORT}/g" \
+ < "${S}/configure.seed" \
+ > "${S}/configure.ac" || die
+
+ sed -i \
+ -e "s%^libdir\s*=\s*\${prefix}/lib\s*$%libdir = \${prefix}/$(get_libdir)%" \
+ src/lib/Makefile.in || die
+
+ default
+ eautoreconf
+
+ # Taken from autogen.sh (bug #704074):
+ sed -i \
+ -e "s/#define PACKAGE/#define NDPI_PACKAGE/g" \
+ -e "s/#define VERSION/#define NDPI_VERSION/g" \
+ configure || die
+}
+
+src_install() {
+ default
+ if ! use static-libs; then
+ rm "${D}"/usr/$(get_libdir)/lib${PN,,}.a || die
+ fi
+}