pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/snort Add patch from snort CVS to address a securi...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/a60f5e2557a4
branches:  trunk
changeset: 499208:a60f5e2557a4
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Wed Sep 14 12:46:52 2005 +0000

description:
Add patch from snort CVS to address a security issue:
        http://secunia.com/advisories/16786/
Whitespace police on MESSAGE
Bump to nb1

diffstat:

 net/snort/MESSAGE          |    6 +-
 net/snort/Makefile.common  |    3 +-
 net/snort/distinfo         |    3 +-
 net/snort/patches/patch-af |  117 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 124 insertions(+), 5 deletions(-)

diffs (170 lines):

diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/MESSAGE
--- a/net/snort/MESSAGE Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/MESSAGE Wed Sep 14 12:46:52 2005 +0000
@@ -1,5 +1,5 @@
 ===========================================================================
-$NetBSD: MESSAGE,v 1.4 2005/08/13 19:56:47 adrianp Exp $
+$NetBSD: MESSAGE,v 1.5 2005/09/14 12:46:52 adrianp Exp $
 
 To use snort, you will need to perform the following steps:
 
@@ -12,9 +12,9 @@
 
        /etc/rc.d/snort start
 
-As of snort v2.4.0 rules are no longer distributed with the main 
+As of snort v2.4.0 rules are no longer distributed with the main
 distribution.  You can either install the net/snort-rules package
-which contains the GPL "Community Rules" or download your appropriate 
+which contains the GPL "Community Rules" or download your appropriate
 rules from:
 
        http://www.snort.org/pub-bin/downloads.cgi
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/Makefile.common
--- a/net/snort/Makefile.common Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/Makefile.common Wed Sep 14 12:46:52 2005 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile.common,v 1.23 2005/08/23 11:48:50 rillig Exp $
+# $NetBSD: Makefile.common,v 1.24 2005/09/14 12:46:52 adrianp Exp $
 #
 
 DISTNAME=              snort-2.4.0
+PKGREVISION=           1
 CATEGORIES=            net security
 MASTER_SITES=          http://www.snort.org/dl/current/ \
                        ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/distinfo
--- a/net/snort/distinfo        Wed Sep 14 11:56:13 2005 +0000
+++ b/net/snort/distinfo        Wed Sep 14 12:46:52 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.28 2005/08/13 19:56:47 adrianp Exp $
+$NetBSD: distinfo,v 1.29 2005/09/14 12:46:52 adrianp Exp $
 
 SHA1 (snort-2.4.0.tar.gz) = 9fb3fd59a9bb0a4232beece59f21cc4f346545bb
 RMD160 (snort-2.4.0.tar.gz) = 8a7e602e5ae8f86d8849bdffc2c259668cf0eedc
@@ -7,3 +7,4 @@
 SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
 SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
 SHA1 (patch-ae) = 4a669e664ccbce2b9e689fe3d281c46f6549b72c
+SHA1 (patch-af) = ac7f9d6c97c07712a1d2faba0cec2fa0ad1674da
diff -r fbaa8596e87c -r a60f5e2557a4 net/snort/patches/patch-af
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/snort/patches/patch-af        Wed Sep 14 12:46:52 2005 +0000
@@ -0,0 +1,117 @@
+$NetBSD: patch-af,v 1.1 2005/09/14 12:46:52 adrianp Exp $
+
+--- src/log.c.orig     2005-07-11 15:41:40.000000000 +0100
++++ src/log.c  2005-08-23 16:52:19.000000000 +0100
+@@ -1478,7 +1478,10 @@
+                 {
+                     for(j = 0; j < p->ip_options[i].len; j++)
+                     {
+-                        fprintf(fp, "%02X", p->ip_options[i].data[j]);
++                        if (p->ip_options[i].data)
++                            fprintf(fp, "%02X", p->ip_options[i].data[j]);
++                        else
++                            fprintf(fp, "%02X", 0);
+                         
+                         if((j % 2) == 0)
+                             fprintf(fp, " ");
+@@ -1522,7 +1525,8 @@
+             case TCPOPT_MAXSEG:
+                 bzero((char *) tmp, 5);
+                 fwrite("MSS: ", 5, 1, fp);
+-                memcpy(tmp, p->tcp_options[i].data, 2);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 2);
+                 fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
+                 break;
+ 
+@@ -1535,15 +1539,20 @@
+                 break;
+ 
+             case TCPOPT_WSCALE:
+-                fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
++                if (p->tcp_options[i].data)
++                    fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
++                else
++                    fprintf(fp, "WS: %u ", 0);
+                 break;
+ 
+             case TCPOPT_SACK:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 2);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 2);
+                 fprintf(fp, "Sack: %u@", EXTRACT_16BITS(tmp));
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
+                 fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
+                 break;
+ 
+@@ -1553,40 +1562,47 @@
+ 
+             case TCPOPT_ECHO:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "Echo: %u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+             case TCPOPT_ECHOREPLY:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "Echo Rep: %u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+             case TCPOPT_TIMESTAMP:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "TS: %u ", EXTRACT_32BITS(tmp));
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
+                 fprintf(fp, "%u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+             case TCPOPT_CC:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "CC %u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+             case TCPOPT_CCNEW:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "CCNEW: %u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+             case TCPOPT_CCECHO:
+                 bzero((char *) tmp, 5);
+-                memcpy(tmp, p->tcp_options[i].data, 4);
++                if (p->tcp_options[i].data)
++                    memcpy(tmp, p->tcp_options[i].data, 4);
+                 fprintf(fp, "CCECHO: %u ", EXTRACT_32BITS(tmp));
+                 break;
+ 
+@@ -1598,7 +1614,10 @@
+ 
+                     for(j = 0; j < p->tcp_options[i].len; j++)
+                     {
+-                        fprintf(fp, "%02X", p->tcp_options[i].data[j]);
++                        if (p->tcp_options[i].data)
++                            fprintf(fp, "%02X", p->tcp_options[i].data[j]);
++                        else
++                            fprintf(fp, "%02X", 0);
+                         
+                         if((j % 2) == 0)
+                             fprintf(fp, " ");



Home | Main Index | Thread Index | Old Index