diff options
-rw-r--r-- | .SRCINFO | 6 | ||||
-rw-r--r-- | PKGBUILD | 9 | ||||
-rw-r--r-- | fix_overlapping_buffers.patch | 46 |
3 files changed, 58 insertions, 3 deletions
@@ -1,7 +1,7 @@ pkgbase = iproute2-selinux pkgdesc = IP Routing Utilities with SELinux support pkgver = 6.1.0 - pkgrel = 4 + pkgrel = 5 url = https://git.kernel.org/pub/scm/network/iproute2/iproute2.git arch = x86_64 arch = aarch64 @@ -18,7 +18,7 @@ pkgbase = iproute2-selinux optdepends = linux-atm: ATM support optdepends = python: for routel provides = iproute - provides = iproute2=6.1.0-4 + provides = iproute2=6.1.0-5 conflicts = iproute2 options = staticlibs backup = etc/iproute2/bpf_pinning @@ -33,11 +33,13 @@ pkgbase = iproute2-selinux source = https://www.kernel.org/pub/linux/utils/net/iproute2/iproute2-6.1.0.tar.xz source = https://www.kernel.org/pub/linux/utils/net/iproute2/iproute2-6.1.0.tar.sign source = 0001-make-iproute2-fhs-compliant.patch + source = fix_overlapping_buffers.patch source = bdb5.3.patch validpgpkeys = 9F6FC345B05BE7E766B83C8F80A77F6095CDE47E sha256sums = 5ce12a0fec6b212725ef218735941b2dab76244db7e72646a76021b0537b43ab sha256sums = SKIP sha256sums = 758b82bd61ed7512d215efafd5fab5ae7a28fbfa6161b85e2ce7373285e56a5d + sha256sums = 7d2fb8ba06f3b73a8fa3ab673b8f1ad41c0e4fd85e3c31a8d4002a1b074ec1ae sha256sums = 908de44ee99bf78669e7c513298fc2a22ca9d7e816a8f99788b1e9b091035cf4 pkgname = iproute2-selinux @@ -8,7 +8,7 @@ pkgname=iproute2-selinux pkgver=6.1.0 -pkgrel=4 +pkgrel=5 pkgdesc='IP Routing Utilities with SELinux support' arch=('x86_64' 'aarch64') license=('GPL2') @@ -35,10 +35,12 @@ options=('staticlibs') validpgpkeys=('9F6FC345B05BE7E766B83C8F80A77F6095CDE47E') # Stephen Hemminger source=("https://www.kernel.org/pub/linux/utils/net/${pkgname/-selinux}/${pkgname/-selinux}-${pkgver}.tar."{xz,sign} '0001-make-iproute2-fhs-compliant.patch' + 'fix_overlapping_buffers.patch' 'bdb5.3.patch') sha256sums=('5ce12a0fec6b212725ef218735941b2dab76244db7e72646a76021b0537b43ab' 'SKIP' '758b82bd61ed7512d215efafd5fab5ae7a28fbfa6161b85e2ce7373285e56a5d' + '7d2fb8ba06f3b73a8fa3ab673b8f1ad41c0e4fd85e3c31a8d4002a1b074ec1ae' '908de44ee99bf78669e7c513298fc2a22ca9d7e816a8f99788b1e9b091035cf4') prepare() { @@ -50,6 +52,11 @@ prepare() { # use Berkeley DB 5.3 patch -Np1 -i "${srcdir}"/bdb5.3.patch + # fix overlapping buffers leading to cut off IPv6 adresses since glibc 2.37 + # See FS#77451 and + # https://lore.kernel.org/netdev/0011AC38-4823-4D0A-8580-B108D08959C2@gentoo.org/T/#u + patch -Np1 -i "${srcdir}"/fix_overlapping_buffers.patch + # do not treat warnings as errors sed -i 's/-Werror//' Makefile diff --git a/fix_overlapping_buffers.patch b/fix_overlapping_buffers.patch new file mode 100644 index 000000000000..44706131c410 --- /dev/null +++ b/fix_overlapping_buffers.patch @@ -0,0 +1,46 @@ +Fix overlapping buffers passed to strncpy which is UB. format_host_rta_r writes +to the buffer passed to it, so hostname (derived from b1) & b1 partly overlap. + +This gets worse with sys-libs/glibc-2.37 where the ip route output can be truncated, +but it was UB anyway and you can see it occurring w/ glibc-2.36. + +Bug: https://lore.kernel.org/netdev/0011AC38-4823-4D0A-8580-B108D08959C2@gentoo.org/T/#u +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30112 +Thanks-to: Doug Freed <dwfreed@mtu.edu> +Signed-off-by: Sam James <sam@gentoo.org> +--- + ip/iproute.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/ip/iproute.c b/ip/iproute.c +index 0bab0fdf..a7cd9543 100644 +--- a/ip/iproute.c ++++ b/ip/iproute.c +@@ -748,6 +748,7 @@ int print_route(struct nlmsghdr *n, void *arg) + int ret; + + SPRINT_BUF(b1); ++ SPRINT_BUF(b2); + + if (n->nlmsg_type != RTM_NEWROUTE && n->nlmsg_type != RTM_DELROUTE) { + fprintf(stderr, "Not a route: %08x %08x %08x\n", +@@ -809,7 +810,7 @@ int print_route(struct nlmsghdr *n, void *arg) + r->rtm_dst_len); + } else { + const char *hostname = format_host_rta_r(family, tb[RTA_DST], +- b1, sizeof(b1)); ++ b2, sizeof(b2)); + if (hostname) + strncpy(b1, hostname, sizeof(b1) - 1); + } +@@ -832,7 +833,7 @@ int print_route(struct nlmsghdr *n, void *arg) + r->rtm_src_len); + } else { + const char *hostname = format_host_rta_r(family, tb[RTA_SRC], +- b1, sizeof(b1)); ++ b2, sizeof(b2)); + if (hostname) + strncpy(b1, hostname, sizeof(b1) - 1); + } +-- +2.39.1 |