aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch')
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch131
1 files changed, 131 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch
new file mode 100644
index 0000000000..aa93c5e123
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605_1.patch
@@ -0,0 +1,131 @@
+This patch is needed in order to apply the patch for CVE-2015-8605.
+
+Upstream-Status: Backport (4.3.2+)
+
+From: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commit;h=0ce1aa94454ce9b50d592c08d7e0c559d38d3bc5
+
+Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
+---
+From 0ce1aa94454ce9b50d592c08d7e0c559d38d3bc5 Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Mon, 8 Sep 2014 09:31:32 -0400
+Subject: [PATCH] [master] Corrected error in UDP bad packet logging
+
+ Merges in rt36897
+---
+ common/packet.c | 55 +++++++++++++++++++++++++++++++++++--------------------
+ 1 file changed, 35 insertions(+), 20 deletions(-)
+
+diff --git a/common/packet.c b/common/packet.c
+index 45e96e8..7460f3d 100644
+--- a/common/packet.c
++++ b/common/packet.c
+@@ -3,7 +3,7 @@
+ Packet assembly code, originally contributed by Archie Cobbs. */
+
+ /*
+- * Copyright (c) 2009,2012 by Internet Systems Consortium, Inc. ("ISC")
++ * Copyright (c) 2009,2012,2014 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004,2005,2007 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 1996-2003 by Internet Software Consortium
+ *
+@@ -234,12 +234,12 @@ decode_udp_ip_header(struct interface_info *interface,
+ unsigned char *upp, *endbuf;
+ u_int32_t ip_len, ulen, pkt_len;
+ u_int32_t sum, usum;
+- static int ip_packets_seen;
+- static int ip_packets_bad_checksum;
+- static int udp_packets_seen;
+- static int udp_packets_bad_checksum;
+- static int udp_packets_length_checked;
+- static int udp_packets_length_overflow;
++ static unsigned int ip_packets_seen = 0;
++ static unsigned int ip_packets_bad_checksum = 0;
++ static unsigned int udp_packets_seen = 0;
++ static unsigned int udp_packets_bad_checksum = 0;
++ static unsigned int udp_packets_length_checked = 0;
++ static unsigned int udp_packets_length_overflow = 0;
+ unsigned len;
+
+ /* Designate the end of the input buffer for bounds checks. */
+@@ -287,10 +287,10 @@ decode_udp_ip_header(struct interface_info *interface,
+ udp_packets_length_checked++;
+ if ((upp + ulen) > endbuf) {
+ udp_packets_length_overflow++;
+- if ((udp_packets_length_checked > 4) &&
+- ((udp_packets_length_checked /
+- udp_packets_length_overflow) < 2)) {
+- log_info("%d udp packets in %d too long - dropped",
++ if (((udp_packets_length_checked > 4) &&
++ (udp_packets_length_overflow != 0)) &&
++ ((udp_packets_length_checked / udp_packets_length_overflow) < 2)) {
++ log_info("%u udp packets in %u too long - dropped",
+ udp_packets_length_overflow,
+ udp_packets_length_checked);
+ udp_packets_length_overflow = 0;
+@@ -299,22 +299,31 @@ decode_udp_ip_header(struct interface_info *interface,
+ return -1;
+ }
+
+- if ((ulen < sizeof(udp)) || ((upp + ulen) > endbuf))
+- return -1;
++ /* If at least 5 with less than 50% bad, start over */
++ if (udp_packets_length_checked > 4) {
++ udp_packets_length_overflow = 0;
++ udp_packets_length_checked = 0;
++ }
+
+ /* Check the IP header checksum - it should be zero. */
+- ++ip_packets_seen;
++ ip_packets_seen++;
+ if (wrapsum (checksum (buf + bufix, ip_len, 0))) {
+ ++ip_packets_bad_checksum;
+- if (ip_packets_seen > 4 &&
+- (ip_packets_seen / ip_packets_bad_checksum) < 2) {
+- log_info ("%d bad IP checksums seen in %d packets",
++ if (((ip_packets_seen > 4) && (ip_packets_bad_checksum != 0)) &&
++ ((ip_packets_seen / ip_packets_bad_checksum) < 2)) {
++ log_info ("%u bad IP checksums seen in %u packets",
+ ip_packets_bad_checksum, ip_packets_seen);
+ ip_packets_seen = ip_packets_bad_checksum = 0;
+ }
+ return -1;
+ }
+
++ /* If at least 5 with less than 50% bad, start over */
++ if (ip_packets_seen > 4) {
++ ip_packets_bad_checksum = 0;
++ ip_packets_seen = 0;
++ }
++
+ /* Copy out the IP source address... */
+ memcpy(&from->sin_addr, &ip.ip_src, 4);
+
+@@ -339,15 +348,21 @@ decode_udp_ip_header(struct interface_info *interface,
+ udp_packets_seen++;
+ if (usum && usum != sum) {
+ udp_packets_bad_checksum++;
+- if (udp_packets_seen > 4 &&
+- (udp_packets_seen / udp_packets_bad_checksum) < 2) {
+- log_info ("%d bad udp checksums in %d packets",
++ if (((udp_packets_seen > 4) && (udp_packets_bad_checksum != 0)) &&
++ ((udp_packets_seen / udp_packets_bad_checksum) < 2)) {
++ log_info ("%u bad udp checksums in %u packets",
+ udp_packets_bad_checksum, udp_packets_seen);
+ udp_packets_seen = udp_packets_bad_checksum = 0;
+ }
+ return -1;
+ }
+
++ /* If at least 5 with less than 50% bad, start over */
++ if (udp_packets_seen > 4) {
++ udp_packets_bad_checksum = 0;
++ udp_packets_seen = 0;
++ }
++
+ /* Copy out the port... */
+ memcpy (&from -> sin_port, &udp.uh_sport, sizeof udp.uh_sport);
+
+--
+2.6.2
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-19 14:32:21 +0000