rpms/sipp/EL-5 import.log, NONE, 1.1 sipp--CVE-2008-2085-fix.diff, NONE, 1.1 sipp.spec, 1.6, 1.7
Peter Lemenkov (peter)
fedora-extras-commits at redhat.com
Sun Jul 6 13:46:04 UTC 2008
Author: peter
Update of /cvs/extras/rpms/sipp/EL-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17849/EL-5
Modified Files:
sipp.spec
Added Files:
import.log sipp--CVE-2008-2085-fix.diff
Log Message:
CVE-2008-2085 fix
--- NEW FILE import.log ---
sipp-3_1-2_fc9:EL-5:sipp-3.1-2.fc9.src.rpm:1215351879
sipp--CVE-2008-2085-fix.diff:
--- NEW FILE sipp--CVE-2008-2085-fix.diff ---
--- call.cpp.cve20082085 2008-07-06 12:38:01.000000000 +0400
+++ call.cpp 2008-07-06 17:11:11.000000000 +0400
@@ -125,17 +125,26 @@
char pattern[] = "c=IN IP4 ";
char *begin, *end;
char ip[32];
- begin = strstr(msg, pattern);
+ char *tmp = strdup(msg);
+
+ if(!tmp) return INADDR_NONE;
+ begin = strstr(tmp, pattern);
if (!begin) {
+ free(tmp);
/* Can't find what we're looking at -> return no address */
return INADDR_NONE;
}
begin += sizeof("c=IN IP4 ") - 1;
end = strstr(begin, "\r\n");
- if (!end)
+ if (!end){
+ free(tmp);
return INADDR_NONE;
+ }
+ *end = 0;
memset(ip, 0, 32);
- strncpy(ip, begin, end - begin);
+ strncpy(ip, begin, sizeof(ip) - 1);
+ ip[sizeof(ip) - 1] = 0;
+ free(tmp);
return inet_addr(ip);
}
@@ -148,20 +157,28 @@
char pattern[] = "c=IN IP6 ";
char *begin, *end;
char ip[128];
+ char *tmp = strdup(msg);
memset(&addr, 0, sizeof(addr));
memset(ip, 0, 128);
- begin = strstr(msg, pattern);
+ if(!tmp) return 0;
+ begin = strstr(tmp, pattern);
if (!begin) {
+ free(tmp);
/* Can't find what we're looking at -> return no address */
return 0;
}
begin += sizeof("c=IN IP6 ") - 1;
end = strstr(begin, "\r\n");
- if (!end)
+ if (!end){
+ free(tmp);
return 0;
- strncpy(ip, begin, end - begin);
+ }
+ *end = 0;
+ strncpy(ip, begin, sizeof(ip) - 1);
+ ip[sizeof(ip) - 1] = 0;
+ free(tmp);
if (!inet_pton(AF_INET6, ip, &addr)) {
return 0;
}
@@ -188,17 +205,25 @@
ERROR("Internal error: Undefined media pattern %d\n", 3);
}
- begin = strstr(msg, pattern);
+ char *tmp = strdup(msg);
+ if(!tmp) return 0;
+ begin = strstr(tmp, pattern);
if (!begin) {
+ free(tmp);
/* m=audio not found */
return 0;
}
begin += strlen(pattern) - 1;
end = strstr(begin, "\r\n");
- if (!end)
+ if (!end){
+ free(tmp);
ERROR("get_remote_port_media: no CRLF found");
+ }
+ *end = 0;
memset(number, 0, sizeof(number));
strncpy(number, begin, sizeof(number) - 1);
+ number[sizeof(number) - 1] = 0;
+ free(tmp);
return atoi(number);
}
Index: sipp.spec
===================================================================
RCS file: /cvs/extras/rpms/sipp/EL-5/sipp.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- sipp.spec 30 Apr 2008 13:57:31 -0000 1.6
+++ sipp.spec 6 Jul 2008 13:45:07 -0000 1.7
@@ -1,13 +1,16 @@
Summary: SIP test tool / traffic generator
Name: sipp
Version: 3.1
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: Applications/Communications
URL: http://sipp.sourceforge.net/
Source0: http://downloads.sourceforge.net/%{name}/%{name}.%{version}.src.tar.gz
Patch0: sipp--Makefile-fix-paths.diff
+# https://sourceforge.net/tracker/index.php?func=detail&aid=1982103&group_id=104305&atid=637566
Patch1: sipp--INT_MAX_headers_for_gcc43.diff
+# https://sourceforge.net/tracker/index.php?func=detail&aid=2011751&group_id=104305&atid=637566
+Patch2: sipp--CVE-2008-2085-fix.diff
BuildRequires: ncurses-devel
%if 0%{?el4}
BuildRequires: libpcap
@@ -31,6 +34,7 @@
%setup -qn %{name}.svn
%patch0
%patch1
+%patch2 -p0 -b .cve20082085
%build
DEBUG_FLAGS="%{optflags}" %{__make} %{?_smp_mflags} pcapplay_ossl
@@ -51,6 +55,9 @@
%{_datadir}/%{name}
%changelog
+* Sun Jul 6 2008 Peter Lemenkov <lemenkov at gmail.com> 3.1-2
+- CVE-2008-2085
+
* Wed Apr 30 2008 Peter Lemenkov <lemenkov at gmail.com> 3.1-1
- Ver 3.1
More information about the scm-commits
mailing list