commit udp2raw-tunnel for openSUSE:Factory

root Wed, 05 Aug 2020 11:28:10 -0700

Hello community,

here is the log from the commit of package udp2raw-tunnel for openSUSE:Factory 
checked in at 2020-08-05 20:27:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/udp2raw-tunnel (Old)
 and      /work/SRC/openSUSE:Factory/.udp2raw-tunnel.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "udp2raw-tunnel"

Wed Aug  5 20:27:50 2020 rev:3 rq:824371 version:20200727.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/udp2raw-tunnel/udp2raw-tunnel.changes    
2020-07-29 17:22:27.300661321 +0200
+++ /work/SRC/openSUSE:Factory/.udp2raw-tunnel.new.3592/udp2raw-tunnel.changes  
2020-08-05 20:28:05.775057904 +0200
@@ -1,0 +2,6 @@
+Fri Jul 31 20:24:15 UTC 2020 - Martin Hauke <mar...@gmx.de>
+
+- Update to version 20200727.0
+  * Fix issue 337(array out of boundary).
+
+-------------------------------------------------------------------

Old:
----
  udp2raw-tunnel-20200715.0.tar.gz

New:
----
  udp2raw-tunnel-20200727.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ udp2raw-tunnel.spec ++++++
--- /var/tmp/diff_new_pack.wrV9e3/_old  2020-08-05 20:28:06.603058251 +0200
+++ /var/tmp/diff_new_pack.wrV9e3/_new  2020-08-05 20:28:06.607058254 +0200
@@ -18,7 +18,7 @@
 
 
 Name:           udp2raw-tunnel
-Version:        20200715.0
+Version:        20200727.0
 Release:        0
 Summary:        UDP over TCP/ICMP/UDP tunnel
 # The following files are adapted from PolarSSL 1.3.19 (GPL-2.0)

++++++ udp2raw-tunnel-20200715.0.tar.gz -> udp2raw-tunnel-20200727.0.tar.gz 
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/client.cpp 
new/udp2raw-tunnel-20200727.0/client.cpp
--- old/udp2raw-tunnel-20200715.0/client.cpp    2020-07-16 01:32:14.000000000 
+0200
+++ new/udp2raw-tunnel-20200727.0/client.cpp    2020-07-26 21:07:17.000000000 
+0200
@@ -485,6 +485,11 @@
                {
                        return -1;
                }
+               if(data_len>=max_data_len+1)
+               {
+                       mylog(log_debug,"data_len=%d >= 
max_data_len+1,ignored",data_len);
+                       return -1;
+               }
                
if(!recv_info.new_src_ip.equal(send_info.new_dst_ip)||recv_info.src_port!=send_info.dst_port)
                {
                        mylog(log_debug,"unexpected adress %s %s %d 
%d\n",recv_info.new_src_ip.get_str1(),send_info.new_dst_ip.get_str2(),recv_info.src_port,send_info.dst_port);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/connection.cpp 
new/udp2raw-tunnel-20200727.0/connection.cpp
--- old/udp2raw-tunnel-20200715.0/connection.cpp        2020-07-16 
01:32:14.000000000 +0200
+++ new/udp2raw-tunnel-20200727.0/connection.cpp        2020-07-26 
21:07:17.000000000 +0200
@@ -416,6 +416,13 @@
                //printf("recv_raw_fail in recv bare\n");
                return -1;
        }
+
+       if(len>=max_data_len+1)
+       {
+               mylog(log_debug,"data_len=%d >= max_data_len+1,ignored",len);
+               return -1;
+       }
+
        mylog(log_trace,"data len=%d\n",len);
        if ((raw_mode == mode_faketcp && (recv_info.syn == 1 || recv_info.ack 
!= 1)))
        {
@@ -615,7 +622,7 @@
        }
 
 
-       if(after_recv_raw0(conn_info.raw_info)!=0) return -1;
+       if(after_recv_raw0(conn_info.raw_info)!=0) return -1;  //TODO might 
need to move this function to somewhere else after --fix-gro is introduced
 
        return 0;
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/encrypt.cpp 
new/udp2raw-tunnel-20200727.0/encrypt.cpp
--- old/udp2raw-tunnel-20200715.0/encrypt.cpp   2020-07-16 01:32:14.000000000 
+0200
+++ new/udp2raw-tunnel-20200727.0/encrypt.cpp   2020-07-26 21:07:17.000000000 
+0200
@@ -291,6 +291,7 @@
 
 int de_padding(const char *data ,int &data_len,int padding_num)
 {
+       if(data_len==0) return -1;
        if((uint8_t)data[data_len-1]  >padding_num) return -1;
        data_len-=(uint8_t)data[data_len-1];
        if(data_len<0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/makefile 
new/udp2raw-tunnel-20200727.0/makefile
--- old/udp2raw-tunnel-20200715.0/makefile      2020-07-16 01:32:14.000000000 
+0200
+++ new/udp2raw-tunnel-20200727.0/makefile      2020-07-26 21:07:17.000000000 
+0200
@@ -19,7 +19,6 @@
 MP="-DUDP2RAW_MP"
 
 
-
 NAME=udp2raw
 
 TARGETS=amd64 arm amd64_hw_aes arm_asm_aes mips24kc_be mips24kc_be_asm_aes x86 
x86_asm_aes mips24kc_le mips24kc_le_asm_aes
@@ -59,7 +58,7 @@
        ${cc_local}   -o ${NAME}          -I. ${SOURCES} ${FLAGS} -lrt 
-Wformat-nonliteral -D MY_DEBUG 
 debug2: git_version
        rm -f ${NAME}
-       ${cc_local}   -o ${NAME}          -I. ${SOURCES} ${FLAGS} -lrt 
-Wformat-nonliteral -ggdb
+       ${cc_local}   -o ${NAME}          -I. ${SOURCES} ${FLAGS} -lrt 
-Wformat-nonliteral -ggdb -fsanitize=address
 
 #targets only for 'make release'
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/network.cpp 
new/udp2raw-tunnel-20200727.0/network.cpp
--- old/udp2raw-tunnel-20200715.0/network.cpp   2020-07-16 01:32:14.000000000 
+0200
+++ new/udp2raw-tunnel-20200727.0/network.cpp   2020-07-26 21:07:17.000000000 
+0200
@@ -1441,7 +1441,7 @@
                }
        }
 
-    if(g_packet_buf_len> max_data_len+1)
+    if(g_packet_buf_len>= max_data_len+1)
     {
         if(g_fix_gro==0)
         {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/pcap_wrapper.h 
new/udp2raw-tunnel-20200727.0/pcap_wrapper.h
--- old/udp2raw-tunnel-20200715.0/pcap_wrapper.h        2020-07-16 
01:32:14.000000000 +0200
+++ new/udp2raw-tunnel-20200727.0/pcap_wrapper.h        2020-07-26 
21:07:17.000000000 +0200
@@ -9,12 +9,12 @@
 
 struct bpf_program
 {
- char a[2000];
+ char a[4096];
 };
 
 struct pcap_t
 {
- char a[2000];
+ char a[4096];
 };
 
 typedef unsigned int bpf_u_int32;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/udp2raw-tunnel-20200715.0/server.cpp 
new/udp2raw-tunnel-20200727.0/server.cpp
--- old/udp2raw-tunnel-20200715.0/server.cpp    2020-07-16 01:32:14.000000000 
+0200
+++ new/udp2raw-tunnel-20200727.0/server.cpp    2020-07-26 21:07:17.000000000 
+0200
@@ -19,7 +19,7 @@
 int server_on_timer_multi(conn_info_t &conn_info)  //for server. called when a 
timer is ready in epoll.for server,there will be one timer for every connection
 // there is also a global timer for server,but its not handled here
 {
-       char ip_port[40];
+       char ip_port[max_addr_len];
        //u32_t ip=conn_info.raw_info.send_info.dst_ip;
        //u32_t port=conn_info.raw_info.send_info.dst_port;
 
@@ -445,7 +445,7 @@
        address_t addr;
        
addr.from_ip_port_new(raw_ip_version,&peek_info.new_src_ip,peek_info.src_port);
 
-       char ip_port[40];
+       char ip_port[max_addr_len];
        addr.to_str(ip_port);
        //sprintf(ip_port,"%s:%d",my_ntoa(ip),port);
        mylog(log_trace,"[%s]peek_raw\n",ip_port);
@@ -460,6 +460,11 @@
                        {
                                return 0;
                        }
+                       if(data_len>=max_data_len+1)
+                       {
+                               mylog(log_debug,"data_len=%d >= 
max_data_len+1,ignored",data_len);
+                               return -1;
+                       }
                        if(use_tcp_dummy_socket!=0)
                                return 0;
                        raw_info_t &raw_info=tmp_raw_info;

commit udp2raw-tunnel for openSUSE:Factory

Reply via email to