rpms/iproute/F-10 ip-maddr-show.patch, NONE, 1.1 prefix-assigned.patch, NONE, 1.1 iproute.spec, 1.89, 1.90
Marcela Mašláňová
mmaslano at fedoraproject.org
Mon Jan 12 09:14:28 UTC 2009
Author: mmaslano
Update of /cvs/pkgs/rpms/iproute/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26088
Modified Files:
iproute.spec
Added Files:
ip-maddr-show.patch prefix-assigned.patch
Log Message:
* Mon Jan 12 2009 Marcela MaÅ¡láÅová <mmaslano at redhat.com> - 2.6.27-2
- 475130 - Negative preferred lifetimes of IPv6 prefixes/addresses
displayed incorrectly
- 472878 - âip maddr showâ in IB interface causes a stack corruption
- both patches will be probably in iproute v2.6.28
ip-maddr-show.patch:
--- NEW FILE ip-maddr-show.patch ---
>From 7f71c0cae2db61890474e04ba3a26e40219e5561 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan at redhat.com>
Date: Tue, 25 Nov 2008 12:36:22 +0000
Subject: [PATCH] =?utf-8?q?ip=20maddr=20show=E2=80=9D=20on=20an=20infiniband=20address=20causes=20a=20stack=20corruption?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
âip maddr showâ on an infiniband address causes a stack corruption
because the length of the address for Infiniband (20 bytes, as
described in kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4
__u32 to 8 and also adds a check to avoid overriding the available
size while parsing the hardware address.
This bug affects current upstream code AFAICT.
Hope this helps,
Cheers,
Olivier.
âip maddr show ib0â causes a stack corruption because the length of the address
for Infiniband (20 see kernel doc Documentation/infiniband/ipoib.txt) does not
fit on the 16 bytes of the field in which it gets stored.
The proposed patch increases the size of the hardware address from 4 u32 to 8
and adds a check to avoid overriding the available size while parsing the
hardware address.
---
include/utils.h | 2 +-
ip/ipmaddr.c | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git iproute-2.6.27/iproute2-2.6.27/include/utils.h iproute-2.6.27/iproute2-2.6.27/include/utils.h
index 5daed6b..f7ef939 100644
--- iproute-2.6.27/iproute2-2.6.27/include/utils.h
+++ iproute-2.6.27/iproute2-2.6.27/include/utils.h
@@ -46,7 +46,7 @@ typedef struct
__u8 bytelen;
__s16 bitlen;
__u32 flags;
- __u32 data[4];
+ __u32 data[8];
} inet_prefix;
#define PREFIXLEN_SPECIFIED 1
diff --git iproute-2.6.27/iproute2-2.6.27/ip/ipmaddr.c iproute-2.6.27/iproute2-2.6.27/ip/ipmaddr.c
index 1014f83..44ffdfc 100644
--- iproute-2.6.27/iproute2-2.6.27/ip/ipmaddr.c
+++ iproute-2.6.27/iproute2-2.6.27/ip/ipmaddr.c
@@ -43,11 +43,11 @@ static void usage(void)
exit(-1);
}
-static int parse_hex(char *str, unsigned char *addr)
+static int parse_hex(char *str, unsigned char *addr, size_t size)
{
int len=0;
- while (*str) {
+ while (*str && (len < 2 * size)) {
int tmp;
if (str[1] == 0)
return -1;
@@ -104,7 +104,7 @@ void read_dev_mcast(struct ma_info **result_p)
m.addr.family = AF_PACKET;
- len = parse_hex(hexa, (unsigned char*)&m.addr.data);
+ len = parse_hex(hexa, (unsigned char*)&m.addr.data, sizeof (m.addr.data));
if (len >= 0) {
struct ma_info *ma = malloc(sizeof(m));
@@ -176,7 +176,7 @@ void read_igmp6(struct ma_info **result_p)
m.addr.family = AF_INET6;
- len = parse_hex(hexa, (unsigned char*)&m.addr.data);
+ len = parse_hex(hexa, (unsigned char*)&m.addr.data, sizeof (m.addr.data));
if (len >= 0) {
struct ma_info *ma = malloc(sizeof(m));
--
1.6.0.6
prefix-assigned.patch:
--- NEW FILE prefix-assigned.patch ---
>From 037d950bceed6d5053758dea601e0d018f5f22d7 Mon Sep 17 00:00:00 2001
From: Benedikt Gollatz <ben at differentialschokolade.org>
Date: Tue, 6 Jan 2009 19:36:56 -0800
Subject: [PATCH] When the preferred lifetime of a prefix assigned by IPv6 autoconfiguration
(router solicitation) becomes negative
How reproducible:
Always.
Steps to Reproduce:
1. Configure an IPv6 router to advertise a prefix with a short preferred
lifetime, e.g. 0.
2. Wait for the IPv6 autoconfiguration process to complete for an interface
<if> connected to a link where that router advertises.
3. Run ip -6 show dev <if>.
Actual results:
The preferred lifetime will have become negative, but it is printed as an
unsigned integer. The preferred lifetime to be displayed will therefore be
close to UINT_MAX.
---
ip/ipaddress.c | 13 ++++++++++---
1 files changed, 10 insertions(+), 3 deletions(-)
diff --git iproute-2.6.27/iproute2-2.6.27/ip/ipaddress.c iproute-2.6.27/iproute2-2.6.27/ip/ipaddress.c
index 51471e8..a732d80 100644
--- iproute-2.6.27/iproute2-2.6.27/ip/ipaddress.c
+++ iproute-2.6.27/iproute2-2.6.27/ip/ipaddress.c
@@ -359,6 +359,7 @@ int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n,
FILE *fp = (FILE*)arg;
struct ifaddrmsg *ifa = NLMSG_DATA(n);
int len = n->nlmsg_len;
+ int deprecated = 0;
struct rtattr * rta_tb[IFA_MAX+1];
char abuf[256];
SPRINT_BUF(b1);
@@ -488,6 +489,7 @@ int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n,
}
if (ifa->ifa_flags&IFA_F_DEPRECATED) {
ifa->ifa_flags &= ~IFA_F_DEPRECATED;
+ deprecated = 1;
fprintf(fp, "deprecated ");
}
if (ifa->ifa_flags&IFA_F_HOMEADDRESS) {
@@ -516,9 +518,14 @@ int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n,
sprintf(buf, "valid_lft %usec", ci->ifa_valid);
if (ci->ifa_prefered == INFINITY_LIFE_TIME)
sprintf(buf+strlen(buf), " preferred_lft forever");
- else
- sprintf(buf+strlen(buf), " preferred_lft %usec",
- ci->ifa_prefered);
+ else {
+ if (deprecated)
+ sprintf(buf+strlen(buf), " preferred_lft %dsec",
+ ci->ifa_prefered);
+ else
+ sprintf(buf+strlen(buf), " preferred_lft %usec",
+ ci->ifa_prefered);
+ }
fprintf(fp, " %s", buf);
}
fprintf(fp, "\n");
--
1.6.0.6
Index: iproute.spec
===================================================================
RCS file: /cvs/pkgs/rpms/iproute/F-10/iproute.spec,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- iproute.spec 4 Dec 2008 10:02:40 -0000 1.89
+++ iproute.spec 12 Jan 2009 09:13:58 -0000 1.90
@@ -4,7 +4,7 @@
Summary: Advanced IP routing and network device configuration tools
Name: iproute
Version: 2.6.27
-Release: 1%{?dist}
+Release: 2%{?dist}
Group: Applications/System
Source: http://developer.osdl.org/dev/iproute2/download/iproute2-%{version}.tar.gz
#Source1: iproute-doc-2.6.22.tar.gz
@@ -13,6 +13,8 @@
Patch2: iproute2-ss050901-opt_flags.patch
Patch3: iproute-ip-man.patch
Patch4: iproute2-2.6.25-segfault.patch
+Patch5: prefix-assigned.patch
+Patch6: ip-maddr-show.patch
License: GPLv2+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -30,6 +32,8 @@
%patch2 -p1 -b .opt_flags
%patch3 -p1
%patch4 -p1 -b .seg
+%patch5 -p1 -b .prefix
+%patch6 -p1 -b .maddr
%build
export LIBDIR=%{_libdir}
@@ -105,6 +109,12 @@
%config(noreplace) %{_sysconfdir}/sysconfig/cbq/*
%changelog
+* Mon Jan 12 2009 Marcela MaÅ¡láÅová <mmaslano at redhat.com> - 2.6.27-2
+- 475130 - Negative preferred lifetimes of IPv6 prefixes/addresses
+ displayed incorrectly
+- 472878 - âip maddr showâ in IB interface causes a stack corruption
+- both patches will be probably in iproute v2.6.28
+
* Thu Dec 4 2008 Marcela Maslanova <mmaslano at redhat.com> - 2.6.27-1
- aead support was included into upstream version
- patch for moving libs is now deprecated
More information about the scm-commits
mailing list