agl-basesystem 0.1sandbox/ToshikazuOhiwa/master

3 files changed, 64 insertions, 2 deletions

diff --git a/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch b/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
new file mode 100644
index 00000000..919f2b00
--- /dev/null
+++ b/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
@@ -0,0 +1,61 @@
+From c45443a0d3e16b92622bea6b589e5930e8f0d815 Mon Sep 17 00:00:00 2001
+From: Peiran Hong <peiran.hong@windriver.com>
+Date: Fri, 13 Sep 2019 17:02:57 -0400
+Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
+
+---
+ netdissect.h | 12 ++++++++++++
+ print-aoe.c  |  1 +
+ 2 files changed, 13 insertions(+)
+
+diff --git a/netdissect.h b/netdissect.h
+index 089b0406..cd05fdb9 100644
+--- a/netdissect.h
++++ b/netdissect.h
+@@ -69,6 +69,11 @@ typedef struct {
+ typedef unsigned char nd_uint8_t;
+ typedef signed char nd_int8_t;
+ 
++/*
++ * Use this for MAC addresses.
++ */
++#define MAC_ADDR_LEN    6               /* length of MAC addresses */
++
+ /* snprintf et al */
+ 
+ #include <stdarg.h>
+@@ -309,12 +314,19 @@ struct netdissect_options {
+ 	((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
+          (uintptr_t)&(var) <= (uintptr_t)ndo->ndo_snapend - (l)))
+ 
++#define ND_TTEST_LEN(p, l) \
++  (IS_NOT_NEGATIVE(l) && \
++        ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
++         (uintptr_t)(p) <= (uintptr_t)ndo->ndo_snapend - (l)))
++
+ /* True if "var" was captured */
+ #define ND_TTEST(var) ND_TTEST2(var, sizeof(var))
+ 
+ /* Bail if "l" bytes of "var" were not captured */
+ #define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc
+ 
++#define ND_TCHECK_LEN(p, l) if (!ND_TTEST_LEN(p, l)) goto trunc
++
+ /* Bail if "var" was not captured */
+ #define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var))
+ 
+diff --git a/print-aoe.c b/print-aoe.c
+index 97e93df2..ac097a04 100644
+--- a/print-aoe.c
++++ b/print-aoe.c
+@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
+ 		goto invalid;
+ 	/* addresses */
+ 	for (i = 0; i < nmacs; i++) {
++		ND_TCHECK_LEN(cp, MAC_ADDR_LEN);
+ 		ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
+ 		cp += ETHER_ADDR_LEN;
+ 	}
+-- 
+2.21.0
+
diff --git a/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb b/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
index d38540e3..14e90b09 100644
--- a/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
+++ b/external/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
@@ -10,6 +10,7 @@ SRC_URI = " \
     file://unnecessary-to-check-libpcap.patch \
     file://add-ptest.patch \
     file://run-ptest \
+    file://0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch \
 "
 
 SRC_URI[md5sum] = "9bbc1ee33dab61302411b02dd0515576"
diff --git a/external/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.6.bb b/external/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.10.bb
index 4699f679..1bda9ed4 100644
--- a/external/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.6.bb
+++ b/external/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.10.bb
@@ -14,8 +14,8 @@ SRC_URI = "https://1.as.dl.wireshark.org/src/all-versions/${BP}.tar.xz \
 
 UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
 
-SRC_URI[md5sum] = "b30ba5b9b48ed2ff91c0ce357d33b46b"
-SRC_URI[sha256sum] = "487933ea075bdbb25d8df06017d9c4f49fc20eb7f6ec80af086718ed5550e863"
+SRC_URI[md5sum] = "4fd0cd96d990eab0e708339a5e0dc207"
+SRC_URI[sha256sum] = "b8fc32244352437db727a4517371dddfa9ffbf0057cfb58265588876b42b6c7e"
 
 PE = "1"