pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/snort Add patch from snort CVS to address a securi...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a60f5e2557a4
branches: trunk
changeset: 499208:a60f5e2557a4
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Wed Sep 14 12:46:52 2005 +0000
description:
Add patch from snort CVS to address a security issue:
http://secunia.com/advisories/16786/
Whitespace police on MESSAGE
Bump to nb1
diffstat:
net/snort/MESSAGE | 6 +-
net/snort/Makefile.common | 3 +-
net/snort/distinfo | 3 +-
net/snort/patches/patch-af | 117 +++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 124 insertions(+), 5 deletions(-)
diffs (170 lines):
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/MESSAGE
--- a/net/snort/MESSAGE Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/MESSAGE Wed Sep 14 12:46:52 2005 +0000
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.4 2005/08/13 19:56:47 adrianp Exp $
+$NetBSD: MESSAGE,v 1.5 2005/09/14 12:46:52 adrianp Exp $
To use snort, you will need to perform the following steps:
@@ -12,9 +12,9 @@
/etc/rc.d/snort start
-As of snort v2.4.0 rules are no longer distributed with the main
+As of snort v2.4.0 rules are no longer distributed with the main
distribution. You can either install the net/snort-rules package
-which contains the GPL "Community Rules" or download your appropriate
+which contains the GPL "Community Rules" or download your appropriate
rules from:
http://www.snort.org/pub-bin/downloads.cgi
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/Makefile.common
--- a/net/snort/Makefile.common Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/Makefile.common Wed Sep 14 12:46:52 2005 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile.common,v 1.23 2005/08/23 11:48:50 rillig Exp $
+# $NetBSD: Makefile.common,v 1.24 2005/09/14 12:46:52 adrianp Exp $
#
DISTNAME= snort-2.4.0
+PKGREVISION= 1
CATEGORIES= net security
MASTER_SITES= http://www.snort.org/dl/current/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/distinfo
--- a/net/snort/distinfo Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/distinfo Wed Sep 14 12:46:52 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.28 2005/08/13 19:56:47 adrianp Exp $
+$NetBSD: distinfo,v 1.29 2005/09/14 12:46:52 adrianp Exp $
SHA1 (snort-2.4.0.tar.gz) = 9fb3fd59a9bb0a4232beece59f21cc4f346545bb
RMD160 (snort-2.4.0.tar.gz) = 8a7e602e5ae8f86d8849bdffc2c259668cf0eedc
@@ -7,3 +7,4 @@
SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
SHA1 (patch-ae) = 4a669e664ccbce2b9e689fe3d281c46f6549b72c
+SHA1 (patch-af) = ac7f9d6c97c07712a1d2faba0cec2fa0ad1674da
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/patches/patch-af
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/snort/patches/patch-af Wed Sep 14 12:46:52 2005 +0000
@@ -0,0 +1,117 @@
+$NetBSD: patch-af,v 1.1 2005/09/14 12:46:52 adrianp Exp $
+
+--- src/log.c.orig 2005-07-11 15:41:40.000000000 +0100
++++ src/log.c 2005-08-23 16:52:19.000000000 +0100
+@@ -1478,7 +1478,10 @@
+ {
+ for(j = 0; j < p->ip_options[i].len; j++)
+ {
+- fprintf(fp, "%02X", p->ip_options[i].data[j]);
++ if (p->ip_options[i].data)
++ fprintf(fp, "%02X", p->ip_options[i].data[j]);
++ else
++ fprintf(fp, "%02X", 0);
+
+ if((j % 2) == 0)
+ fprintf(fp, " ");
+@@ -1522,7 +1525,8 @@
+ case TCPOPT_MAXSEG:
+ bzero((char *) tmp, 5);
+ fwrite("MSS: ", 5, 1, fp);
+- memcpy(tmp, p->tcp_options[i].data, 2);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 2);
+ fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
+ break;
+
+@@ -1535,15 +1539,20 @@
+ break;
+
+ case TCPOPT_WSCALE:
+- fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
++ if (p->tcp_options[i].data)
++ fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
++ else
++ fprintf(fp, "WS: %u ", 0);
+ break;
+
+ case TCPOPT_SACK:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 2);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 2);
+ fprintf(fp, "Sack: %u@", EXTRACT_16BITS(tmp));
+ bzero((char *) tmp, 5);
+- memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
+ fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
+ break;
+
+@@ -1553,40 +1562,47 @@
+
+ case TCPOPT_ECHO:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "Echo: %u ", EXTRACT_32BITS(tmp));
+ break;
+
+ case TCPOPT_ECHOREPLY:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "Echo Rep: %u ", EXTRACT_32BITS(tmp));
+ break;
+
+ case TCPOPT_TIMESTAMP:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "TS: %u ", EXTRACT_32BITS(tmp));
+ bzero((char *) tmp, 5);
+- memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
+ fprintf(fp, "%u ", EXTRACT_32BITS(tmp));
+ break;
+
+ case TCPOPT_CC:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "CC %u ", EXTRACT_32BITS(tmp));
+ break;
+
+ case TCPOPT_CCNEW:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "CCNEW: %u ", EXTRACT_32BITS(tmp));
+ break;
+
+ case TCPOPT_CCECHO:
+ bzero((char *) tmp, 5);
+- memcpy(tmp, p->tcp_options[i].data, 4);
++ if (p->tcp_options[i].data)
++ memcpy(tmp, p->tcp_options[i].data, 4);
+ fprintf(fp, "CCECHO: %u ", EXTRACT_32BITS(tmp));
+ break;
+
+@@ -1598,7 +1614,10 @@
+
+ for(j = 0; j < p->tcp_options[i].len; j++)
+ {
+- fprintf(fp, "%02X", p->tcp_options[i].data[j]);
++ if (p->tcp_options[i].data)
++ fprintf(fp, "%02X", p->tcp_options[i].data[j]);
++ else
++ fprintf(fp, "%02X", 0);
+
+ if((j % 2) == 0)
+ fprintf(fp, " ");
Home |
Main Index |
Thread Index |
Old Index