mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
tcpreplay: fix CVE-2023-43279
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. References: https://nvd.nist.gov/vuln/detail/CVE-2023-43279 Upstream patches: https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560 Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
committed by
Armin Kuster
parent
adbc54688b
commit
ea99328a06
@@ -0,0 +1,39 @@
|
|||||||
|
From 3164a75f2660a5c3537feff9fd8751346cf5ca57 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gabriel Ganne <gabriel.ganne@gmail.com>
|
||||||
|
Date: Sun, 21 Jan 2024 09:16:38 +0100
|
||||||
|
Subject: [PATCH] add check for empty cidr
|
||||||
|
|
||||||
|
This causes tcprewrite to exit with an error instead of crashing.
|
||||||
|
|
||||||
|
Fixes: #824
|
||||||
|
|
||||||
|
Upstream-Status: Backport
|
||||||
|
CVE: CVE-2023-43279
|
||||||
|
|
||||||
|
Reference to upstream patch:
|
||||||
|
https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560
|
||||||
|
|
||||||
|
Signed-off-by: Gabriel Ganne <gabriel.ganne@gmail.com>
|
||||||
|
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
|
||||||
|
---
|
||||||
|
src/common/cidr.c | 4 ++++
|
||||||
|
1 file changed, 4 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/common/cidr.c b/src/common/cidr.c
|
||||||
|
index 687fd04..9afbfec 100644
|
||||||
|
--- a/src/common/cidr.c
|
||||||
|
+++ b/src/common/cidr.c
|
||||||
|
@@ -249,6 +249,10 @@ parse_cidr(tcpr_cidr_t **cidrdata, char *cidrin, char *delim)
|
||||||
|
char *network;
|
||||||
|
char *token = NULL;
|
||||||
|
|
||||||
|
+ if (cidrin == NULL) {
|
||||||
|
+ errx(-1, "%s", "Unable to parse empty CIDR");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
mask_cidr6(&cidrin, delim);
|
||||||
|
|
||||||
|
/* first iteration of input using strtok */
|
||||||
|
--
|
||||||
|
2.25.1
|
||||||
|
|
||||||
@@ -12,6 +12,7 @@ SRC_URI = "https://github.com/appneta/${BPN}/releases/download/v${PV}/${BP}.tar.
|
|||||||
file://0001-configure.ac-unify-search-dirs-for-pcap-and-add-lib3.patch \
|
file://0001-configure.ac-unify-search-dirs-for-pcap-and-add-lib3.patch \
|
||||||
file://0001-configure.ac-do-not-run-conftest-in-case-of-cross-co.patch \
|
file://0001-configure.ac-do-not-run-conftest-in-case-of-cross-co.patch \
|
||||||
file://CVE-2023-4256.patch \
|
file://CVE-2023-4256.patch \
|
||||||
|
file://CVE-2023-43279.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"
|
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"
|
||||||
|
|||||||
Reference in New Issue
Block a user