From e2cca62cd51ee38ad9e8be6682b629c9883072d4cdc5de77dd0ef767a0ba0109 Mon Sep 17 00:00:00 2001
From: Marcus Schaefer <ms@suse.com>
Date: Thu, 8 Jul 2010 14:26:00 +0000
Subject: [PATCH] - security fix: replies by a malicious system can   make ping
 run into an endless loop (bnc #620837)

OBS-URL: https://build.opensuse.org/package/show/network:utilities/iputils?expand=0&rev=9
---
 iputils-ss021109-ping-break.diff | 20 ++++++++++++++++++++
 iputils.changes                  |  6 ++++++
 iputils.spec                     |  2 ++
 3 files changed, 28 insertions(+)
 create mode 100644 iputils-ss021109-ping-break.diff

diff --git a/iputils-ss021109-ping-break.diff b/iputils-ss021109-ping-break.diff
new file mode 100644
index 0000000..ea9efe7
--- /dev/null
+++ b/iputils-ss021109-ping-break.diff
@@ -0,0 +1,20 @@
+--- ping.c	2010-07-08 14:19:50.000000000 +0000
++++ ping.c	2010-07-08 14:20:43.000000000 +0000
+@@ -1019,7 +1019,7 @@
+ 				i = j;
+ 			i -= IPOPT_MINOFF;
+ 			if (i <= 0)
+-				continue;
++				break;
+ 			if (i == old_rrlen
+ 			    && !bcmp((char *)cp, old_rr, i)
+ 			    && !(options & F_FLOOD)) {
+@@ -1056,7 +1056,7 @@
+ 				i = j;
+ 			i -= 5;
+ 			if (i <= 0)
+-				continue;
++				break;
+ 			flags = *++cp;
+ 			printf("\nTS: ");
+ 			cp++;
diff --git a/iputils.changes b/iputils.changes
index 790b71a..e691f2a 100644
--- a/iputils.changes
+++ b/iputils.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jul  8 16:24:50 CEST 2010 - ms@suse.de
+
+- security fix: replies by a malicious system can
+  make ping run into an endless loop (bnc #620837)
+
 -------------------------------------------------------------------
 Fri Jun  4 09:22:08 CEST 2010 - ms@suse.de
 
diff --git a/iputils.spec b/iputils.spec
index 9930f03..825bd29 100644
--- a/iputils.spec
+++ b/iputils.spec
@@ -50,6 +50,7 @@ Patch16:        %name-ss021109-traceroute6-ttab.diff
 Patch17:        %name-%version-open_max.diff
 Patch18:        %name-%version-ping-interrupt.diff
 Patch19:        %name-%version-arping-infiniband.diff
+Patch20:        %name-%version-ping-break.diff
 Prefix:         %_prefix
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -85,6 +86,7 @@ Authors:
 %patch17 -p1
 %patch18
 %patch19
+%patch20
 mkdir linux
 touch linux/autoconf.h