pool/ebtables
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 78603 from security:netfilter

Browse Source 
- Update to new upstream release 2.0.10.2
* minor compilation fixes: respect LDFLAGS in Makefiles
- Remove obsolete ebtables-typepuns.diff patch (fixed upstream)

OBS-URL: https://build.opensuse.org/request/show/78603
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ebtables?expand=0&rev=21
This commit is contained in:
Sascha Peilicke 2011-08-12 08:23:18 +00:00 committed by Git OBS Bridge
commit 65969c5d55
5 changed files with 21 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
ebtables-typepuns.diff
View File

@ -1,75 +0,0 @@
From: Jan Engelhardt <jengelh@medozas.de>
Date: 2011-07-11 01:11 +0200
libebt_among: fix undefined behavior on dereference of typepunned ptr
extensions/ebt_among.c: In function create_wormhash:
extensions/ebt_among.c:250:4: warning: dereferencing type-punned pointer will break strict-aliasing rules
extensions/ebt_among.c:261:3: warning: dereferencing type-punned pointer will break strict-aliasing rules
---
extensions/ebt_among.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
Index: ebtables-v2.0.10-1/extensions/ebt_among.c
===================================================================
--- ebtables-v2.0.10-1.orig/extensions/ebt_among.c
+++ ebtables-v2.0.10-1/extensions/ebt_among.c
@@ -183,7 +183,7 @@ static struct ebt_mac_wormhash *create_w
char *endptr;
struct ebt_mac_wormhash *workcopy, *result, *h;
unsigned char mac[6];
- unsigned char ip[4];
+ uint32_t ip;
int nmacs = 0;
int i;
char token[4];
@@ -222,16 +222,18 @@ static struct ebt_mac_wormhash *create_w
ebt_print_error("MAC parse error: %.20s", anchor);
return NULL;
}
+ ip = 0;
if (*pc == '=') {
/* an IP follows the MAC; collect similarly to MAC */
pc++;
anchor = pc;
- for (i = 0; i < 3; i++) {
+ for (i = 3; i > 0; --i) {
if (read_until(&pc, ".", token, 3) < 0 || token[0] == 0) {
ebt_print_error("IP parse error: %.20s", anchor);
return NULL;
}
- ip[i] = strtol(token, &endptr, 10);
+ /* 0xFF warrants using 8 - not CHAR_BIT. */
+ ip |= (strtoul(token, &endptr, 10) & 0xFF) << (8 * i);
if (*endptr) {
ebt_print_error("IP parse error: %.20s", anchor);
return NULL;
@@ -242,23 +244,21 @@ static struct ebt_mac_wormhash *create_w
ebt_print_error("IP parse error: %.20s", anchor);
return NULL;
}
- ip[3] = strtol(token, &endptr, 10);
+ ip |= strtoul(token, &endptr, 10) & 0xFF;
if (*endptr) {
ebt_print_error("IP parse error: %.20s", anchor);
return NULL;
}
- if (*(uint32_t*)ip == 0) {
+ ip = htonl(ip);
+ if (ip == 0) {
ebt_print_error("Illegal IP 0.0.0.0");
return NULL;
}
- } else {
- /* no IP, we set it to 0.0.0.0 */
- memset(ip, 0, 4);
}
/* we have collected MAC and IP, so we add an entry */
memcpy(((char *) workcopy->pool[nmacs].cmp) + 2, mac, 6);
- workcopy->pool[nmacs].ip = *(const uint32_t *) ip;
+ workcopy->pool[nmacs].ip = ip;
nmacs++;
/* re-allocate memory if needed */

3
ebtables-v2.0.10-1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0cbc998b86997559ecef7e75ed3eaf45a4775cb63cf74e2f648d21d3a1125bce
size 86072

3
ebtables-v2.0.10-2.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fa9efc30da36066b3932a2ac7b268a198df49ca356f82e5dd14612544cfa5521
size 84508

7
ebtables.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Aug 11 23:23:35 UTC 2011 - jengelh@medozas.de
- Update to new upstream release 2.0.10.2
* minor compilation fixes: respect LDFLAGS in Makefiles
- Remove obsolete ebtables-typepuns.diff patch (fixed upstream)
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jul 10 23:03:57 UTC 2011 - jengelh@medozas.de Sun Jul 10 23:03:57 UTC 2011 - jengelh@medozas.de

16
ebtables.spec
View File

@ -18,18 +18,20 @@
Name: ebtables Name: ebtables
Version: 2.0.10.1 Version: 2.0.10.2
Release: 1 Release: 1
License: GPLv2 License: GPLv2
Summary: Ethernet Bridge Tables Summary: Ethernet Bridge Tables
Url: http://ebtables.sf.net/ Url: http://ebtables.sf.net/
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Source: %name-v2.0.10-1.tar.xz Source: %name-v2.0.10-2.tar.xz
Patch0: %name-v2.0.8-makefile.diff Patch0: %name-v2.0.8-makefile.diff
Patch1: %name-v2.0.8-initscript.diff Patch1: %name-v2.0.8-initscript.diff
Patch2: ebtables-typepuns.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: xz BuildRequires: xz
%if 0%{?fedora} || 0%{?rhel}
BuildRequires: kernel-headers
%endif
%description %description
A firewalling tool to transparently filter network traffic passing a A firewalling tool to transparently filter network traffic passing a
@ -39,10 +41,14 @@ can be used together with the other Linux filtering tools, like
iptables. There are no incompatibility issues. iptables. There are no incompatibility issues.
%prep %prep
%setup -q -n %name-v2.0.10-1 %if 0%{?__xz:1}
%setup -q -n %name-v2.0.10-2
%else
tar -xf "%{S:0}" --use=xz;
%setup -DTqn %name-v2.0.10-2
%endif
%patch0 %patch0
%patch1 %patch1
%patch -P 2 -p1
%build %build
# The way ebtables is built requires ASNEEDED=0 forever [bnc#567267] # The way ebtables is built requires ASNEEDED=0 forever [bnc#567267]