[pkgsrc/trunk]: pkgsrc/net/wireshark add two patches from upstream:

[drochner <drochner%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/0939b3a78a67
branches:  trunk
changeset: 585261:0939b3a78a67
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Thu Feb 10 11:00:56 2011 +0000

description:
add two patches from upstream:
-fix possible free() of an uninitialized pointer when reading a
 malformed pcap-ng file (CVE-2011-0538)
-add length check in pcap-ng reader
bump PKGREV

diffstat:

 net/wireshark/Makefile         |   4 +-
 net/wireshark/distinfo         |   4 ++-
 net/wireshark/patches/patch-af |  13 ++++++++++++
 net/wireshark/patches/patch-ag |  44 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 62 insertions(+), 3 deletions(-)

diffs (96 lines):

diff -r 23d4d89552bf -r 0939b3a78a67 net/wireshark/Makefile
--- a/net/wireshark/Makefile    Thu Feb 10 10:52:25 2011 +0000
+++ b/net/wireshark/Makefile    Thu Feb 10 11:00:56 2011 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.58 2011/01/13 13:53:34 wiz Exp $
+# $NetBSD: Makefile,v 1.59 2011/02/10 11:00:56 drochner Exp $
 
 DISTNAME=              wireshark-1.4.3
-PKGREVISION=           1
+PKGREVISION=           2
 CATEGORIES=            net
 MASTER_SITES=          http://www.wireshark.org/download/src/ \
                        ${MASTER_SITE_SOURCEFORGE:=wireshark/}
diff -r 23d4d89552bf -r 0939b3a78a67 net/wireshark/distinfo
--- a/net/wireshark/distinfo    Thu Feb 10 10:52:25 2011 +0000
+++ b/net/wireshark/distinfo    Thu Feb 10 11:00:56 2011 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.40 2011/01/31 12:21:34 adam Exp $
+$NetBSD: distinfo,v 1.41 2011/02/10 11:00:56 drochner Exp $
 
 SHA1 (wireshark-1.4.3.tar.bz2) = 776c757e6a6a085232ac843ec28b026bf4ca9c8d
 RMD160 (wireshark-1.4.3.tar.bz2) = 6a63023f165b2e875296340f6a57595427a13fe7
@@ -8,6 +8,8 @@
 SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840
 SHA1 (patch-ad) = a09b5ac9e836ef01fbd6ba103de00d08c0af2800
 SHA1 (patch-ae) = 7af195e797f8636a9636d30cdea4ee464fd853df
+SHA1 (patch-af) = 908f2050cbf0db6156f8802e93e3f193a87ef916
+SHA1 (patch-ag) = 28c2c23355090f5737f01d2c7740c430ca2b607b
 SHA1 (patch-ba) = 49825d82605a665f54a5cdb6ccb364e55c0e0ffa
 SHA1 (patch-bb) = 1e16337d1894f196f61b233423d729246dea33b5
 SHA1 (patch-bc) = 052ede4ba58502117fe7b355e22a906ff65b773e
diff -r 23d4d89552bf -r 0939b3a78a67 net/wireshark/patches/patch-af
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/wireshark/patches/patch-af    Thu Feb 10 11:00:56 2011 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.1 2011/02/10 11:00:57 drochner Exp $
+
+--- tshark.c.orig      2011-01-11 19:24:25.000000000 +0000
++++ tshark.c
+@@ -2523,7 +2523,7 @@ load_cap_file(capture_file *cf, char *sa
+   int          snapshot_length;
+   wtap_dumper *pdh;
+   int          err;
+-  gchar        *err_info;
++  gchar        *err_info = NULL;
+   gint64       data_offset;
+   char         *save_file_string = NULL;
+   gboolean     filtering_tap_listeners;
diff -r 23d4d89552bf -r 0939b3a78a67 net/wireshark/patches/patch-ag
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/wireshark/patches/patch-ag    Thu Feb 10 11:00:56 2011 +0000
@@ -0,0 +1,44 @@
+$NetBSD: patch-ag,v 1.1 2011/02/10 11:00:57 drochner Exp $
+
+--- wiretap/pcapng.c.orig      2011-01-11 19:24:22.000000000 +0000
++++ wiretap/pcapng.c
+@@ -806,18 +806,26 @@ pcapng_read_packet_block(FILE_T fh, pcap
+               pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than packet_len %u.",
+                             wblock->data.packet.cap_len, wblock->data.packet.packet_len);
+               *err = WTAP_ERR_BAD_RECORD;
++              *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than packet_len");
+               return 0;
+       }
+       if (wblock->data.packet.cap_len > WTAP_MAX_PACKET_SIZE) {
+               pcapng_debug2("pcapng_read_packet_block:cap_len %d is larger than WTAP_MAX_PACKET_SIZE %u.",
+                             wblock->data.packet.cap_len, WTAP_MAX_PACKET_SIZE);
+               *err = WTAP_ERR_BAD_RECORD;
++              *err_info = g_strdup("pcapng_read_packet_block:cap_len is larger than WTAP_MAX_PACKET_SIZE");
+               return 0;
+       }
+       pcapng_debug3("pcapng_read_packet_block: packet data: packet_len %u captured_len %u interface_id %u",
+                     wblock->data.packet.packet_len,
+                     wblock->data.packet.cap_len,
+                     wblock->data.packet.interface_id);
++      if (wblock->data.packet.packet_len > WTAP_MAX_PACKET_SIZE) {
++              *err = WTAP_ERR_BAD_RECORD;
++              *err_info = g_strdup_printf("pcapng_read_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
++                      wblock->data.packet.packet_len, WTAP_MAX_PACKET_SIZE);
++              return 0;
++      }
+ 
+       wtap_encap = pcapng_get_encap(wblock->data.packet.interface_id, pn);
+       pcapng_debug3("pcapng_read_packet_block: encapsulation = %d (%s), pseudo header size = %d.",
+@@ -980,6 +988,12 @@ pcapng_read_simple_packet_block(FILE_T f
+       }
+       pcapng_debug1("pcapng_read_simple_packet_block: packet data: packet_len %u",
+                      wblock->data.simple_packet.packet_len);
++      if (wblock->data.simple_packet.packet_len > WTAP_MAX_PACKET_SIZE) {
++              *err = WTAP_ERR_BAD_RECORD;
++              *err_info = g_strdup_printf("pcapng_read_simple_packet_block: packet_len %u is larger than WTAP_MAX_PACKET_SIZE %u.",
++                      wblock->data.simple_packet.packet_len, WTAP_MAX_PACKET_SIZE);
++              return 0;
++      }
+ 
+       encap = pcapng_get_encap(0, pn);
+       pcapng_debug1("pcapng_read_simple_packet_block: Need to read pseudo header of size %d",