From 52136899143fedaf8a6fdab650325248409bd40fd0703055820b352db4b18e39 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <andreas.stieger@gmx.de>
Date: Fri, 17 Apr 2015 20:19:44 +0000
Subject: [PATCH] Accepting request 297857 from
 home:AndreasStieger:branches:network:utilities

- fix a DoS vulnerability in print-wb.c
  CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch

OBS-URL: https://build.opensuse.org/request/show/297857
OBS-URL: https://build.opensuse.org/package/show/network:utilities/tcpdump?expand=0&rev=27
---
 CVE-2015-3138.patch | 41 +++++++++++++++++++++++++++++++++++++++++
 tcpdump.changes     |  6 ++++++
 tcpdump.spec        |  2 ++
 3 files changed, 49 insertions(+)
 create mode 100644 CVE-2015-3138.patch

diff --git a/CVE-2015-3138.patch b/CVE-2015-3138.patch
new file mode 100644
index 0000000..0c33f88
--- /dev/null
+++ b/CVE-2015-3138.patch
@@ -0,0 +1,41 @@
+From 3ed82f4ed0095768529afc22b923c8f7171fff70 Mon Sep 17 00:00:00 2001
+From: Denis Ovsienko <denis@ovsienko.info>
+Date: Wed, 25 Mar 2015 22:35:12 +0000
+Subject: [PATCH] whiteboard: fixup a few reversed tests (GH #446)
+
+This is a follow-up to commit 3a3ec26.
+---
+ print-wb.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/print-wb.c b/print-wb.c
+index 3e3b064..4fa5e38 100644
+--- a/print-wb.c
++++ b/print-wb.c
+@@ -201,7 +201,7 @@ wb_id(netdissect_options *ndo,
+ 	len -= sizeof(*io) * nid;
+ 	io = (struct id_off *)(id + 1);
+ 	cp = (char *)(io + nid);
+-	if (!ND_TTEST2(cp, len)) {
++	if (ND_TTEST2(cp, len)) {
+ 		ND_PRINT((ndo, "\""));
+ 		fn_print(ndo, (u_char *)cp, (u_char *)cp + len);
+ 		ND_PRINT((ndo, "\""));
+@@ -266,7 +266,7 @@ wb_prep(netdissect_options *ndo,
+ 	}
+ 	n = EXTRACT_32BITS(&prep->pp_n);
+ 	ps = (const struct pgstate *)(prep + 1);
+-	while (--n >= 0 && !ND_TTEST(*ps)) {
++	while (--n >= 0 && ND_TTEST(*ps)) {
+ 		const struct id_off *io, *ie;
+ 		char c = '<';
+ 
+@@ -275,7 +275,7 @@ wb_prep(netdissect_options *ndo,
+ 		    ipaddr_string(ndo, &ps->page.p_sid),
+ 		    EXTRACT_32BITS(&ps->page.p_uid)));
+ 		io = (struct id_off *)(ps + 1);
+-		for (ie = io + ps->nid; io < ie && !ND_TTEST(*io); ++io) {
++		for (ie = io + ps->nid; io < ie && ND_TTEST(*io); ++io) {
+ 			ND_PRINT((ndo, "%c%s:%u", c, ipaddr_string(ndo, &io->id),
+ 			    EXTRACT_32BITS(&io->off)));
+ 			c = ',';
diff --git a/tcpdump.changes b/tcpdump.changes
index 327deea..443f1ca 100644
--- a/tcpdump.changes
+++ b/tcpdump.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Fri Apr 17 20:00:24 UTC 2015 - astieger@suse.com
+
+- fix a DoS vulnerability in print-wb.c
+  CVE-2015-3138 [boo#927637] adding CVE-2015-3138.patch
+
 -------------------------------------------------------------------
 Fri Mar 13 09:54:11 UTC 2015 - vcizek@suse.com
 
diff --git a/tcpdump.spec b/tcpdump.spec
index 97c2044..bac002d 100644
--- a/tcpdump.spec
+++ b/tcpdump.spec
@@ -30,6 +30,7 @@ Source:         http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
 Source1:        tcpdump-qeth
 Source2:        http://www.tcpdump.org/release/%{name}-%{version}.tar.gz.sig
 Source3:        http://www.tcpdump.org/tcpdump-workers.asc#/%{name}.keyring
+Patch0:         CVE-2015-3138.patch
 BuildRequires:  libpcap-devel >= %{min_libpcap_version}
 BuildRequires:  libsmi-devel
 BuildRequires:  openssl-devel
@@ -42,6 +43,7 @@ ethernet. It can be used to debug specific network problems.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 export CFLAGS="%{optflags} -Wall -DGUESS_TSO -fstack-protector -fno-strict-aliasing"