From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 956C115800F for ; Mon, 13 Feb 2023 03:23:16 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DE86BE08EF; Mon, 13 Feb 2023 03:23:15 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C5D1FE08EF for ; Mon, 13 Feb 2023 03:23:15 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 1A776340CCD for ; Mon, 13 Feb 2023 03:23:15 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id ACC707D0 for ; Mon, 13 Feb 2023 03:23:13 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1676258585.a3de456aa64d3ed171dd41ff5b867cf1389558c6.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/iproute2/files/, sys-apps/iproute2/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/iproute2/files/iproute2-6.1.0-strncpy-overlap.patch sys-apps/iproute2/iproute2-6.1.0-r1.ebuild X-VCS-Directories: sys-apps/iproute2/ sys-apps/iproute2/files/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: a3de456aa64d3ed171dd41ff5b867cf1389558c6 X-VCS-Branch: master Date: Mon, 13 Feb 2023 03:23:13 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 2c824af9-9354-4490-90d4-8230df4d9aab X-Archives-Hash: ee487b76ca5ea1b6030d3538429c559a commit: a3de456aa64d3ed171dd41ff5b867cf1389558c6 Author: Sam James gentoo org> AuthorDate: Mon Feb 13 03:20:27 2023 +0000 Commit: Sam James gentoo org> CommitDate: Mon Feb 13 03:23:05 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3de456a sys-apps/iproute2: fix UB in strncpy (e.g. truncated ip route output) Fix overlapping buffers passed to strncpy which is UB. format_host_rta_r writes to the buffer passed to it, so hostname (derived from b1) & b1 partly overlap. This gets worse with sys-libs/glibc-2.37 where the ip route output can be truncated, but it was UB anyway and you can see it occurring w/ glibc-2.36. Bug: https://lore.kernel.org/netdev/0011AC38-4823-4D0A-8580-B108D08959C2 gentoo.org/T/#u Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30112 Thanks-to: Doug Freed mtu.edu> Signed-off-by: Sam James gentoo.org> .../files/iproute2-6.1.0-strncpy-overlap.patch | 39 ++++ sys-apps/iproute2/iproute2-6.1.0-r1.ebuild | 216 +++++++++++++++++++++ 2 files changed, 255 insertions(+) diff --git a/sys-apps/iproute2/files/iproute2-6.1.0-strncpy-overlap.patch b/sys-apps/iproute2/files/iproute2-6.1.0-strncpy-overlap.patch new file mode 100644 index 000000000000..8b4b0abbbc7d --- /dev/null +++ b/sys-apps/iproute2/files/iproute2-6.1.0-strncpy-overlap.patch @@ -0,0 +1,39 @@ +fix UB in strncpy (e.g. truncated ip route output) + +Fix overlapping buffers passed to strncpy which is UB. format_host_rta_r writes +to the buffer passed to it, so hostname (derived from b1) & b1 partly overlap. + +This gets worse with sys-libs/glibc-2.37 where the ip route output can be truncated, +but it was UB anyway and you can see it occurring w/ glibc-2.36. + +Bug: https://lore.kernel.org/netdev/0011AC38-4823-4D0A-8580-B108D08959C2@gentoo.org/T/#u +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30112 +Thanks-to: Doug Freed +--- a/ip/iproute.c ++++ b/ip/iproute.c +@@ -753,6 +753,7 @@ int print_route(struct nlmsghdr *n, void *arg) + int ret; + + SPRINT_BUF(b1); ++ SPRINT_BUF(b2); + + if (n->nlmsg_type != RTM_NEWROUTE && n->nlmsg_type != RTM_DELROUTE) { + fprintf(stderr, "Not a route: %08x %08x %08x\n", +@@ -814,7 +815,7 @@ int print_route(struct nlmsghdr *n, void *arg) + r->rtm_dst_len); + } else { + const char *hostname = format_host_rta_r(family, tb[RTA_DST], +- b1, sizeof(b1)); ++ b2, sizeof(b2)); + if (hostname) + strncpy(b1, hostname, sizeof(b1) - 1); + } +@@ -837,7 +838,7 @@ int print_route(struct nlmsghdr *n, void *arg) + r->rtm_src_len); + } else { + const char *hostname = format_host_rta_r(family, tb[RTA_SRC], +- b1, sizeof(b1)); ++ b2, sizeof(b2)); + if (hostname) + strncpy(b1, hostname, sizeof(b1) - 1); + } diff --git a/sys-apps/iproute2/iproute2-6.1.0-r1.ebuild b/sys-apps/iproute2/iproute2-6.1.0-r1.ebuild new file mode 100644 index 000000000000..72f3265dd8e0 --- /dev/null +++ b/sys-apps/iproute2/iproute2-6.1.0-r1.ebuild @@ -0,0 +1,216 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit edo toolchain-funcs + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git" + inherit git-r3 +else + SRC_URI="https://www.kernel.org/pub/linux/utils/net/${PN}/${P}.tar.xz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +fi + +DESCRIPTION="kernel routing and traffic control utilities" +HOMEPAGE="https://wiki.linuxfoundation.org/networking/iproute2" + +LICENSE="GPL-2" +SLOT="0" +IUSE="atm berkdb bpf caps elf +iptables libbsd minimal nfs selinux split-usr" + +# We could make libmnl optional, but it's tiny, so eh +RDEPEND=" + !net-misc/arpd + !minimal? ( net-libs/libmnl:= ) + atm? ( net-dialup/linux-atm ) + berkdb? ( sys-libs/db:= ) + bpf? ( dev-libs/libbpf:= ) + caps? ( sys-libs/libcap ) + elf? ( virtual/libelf:= ) + iptables? ( >=net-firewall/iptables-1.4.20:= ) + libbsd? ( dev-libs/libbsd ) + nfs? ( net-libs/libtirpc:= ) + selinux? ( sys-libs/libselinux ) +" +# We require newer linux-headers for ipset support (bug #549948) and some defines (bug #553876) +DEPEND=" + ${RDEPEND} + >=sys-kernel/linux-headers-3.16 +" +BDEPEND=" + app-arch/xz-utils + >=sys-devel/bison-2.4 + sys-devel/flex + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}"/${PN}-3.1.0-mtu.patch # bug #291907 + "${FILESDIR}"/${PN}-5.12.0-configure-nomagic.patch # bug #643722 + #"${FILESDIR}"/${PN}-5.1.0-portability.patch + "${FILESDIR}"/${PN}-5.7.0-mix-signal.h-include.patch + "${FILESDIR}"/${PN}-default-color-auto.patch + "${FILESDIR}"/${PN}-6.1.0-strncpy-overlap.patch +) + +src_prepare() { + default + + # Fix version if necessary + local versionfile="include/version.h" + if [[ ${PV} != 9999 ]] && ! grep -Fq "${PV}" ${versionfile} ; then + einfo "Fixing version string" + sed "s@\"[[:digit:]\.]\+\"@\"${PV}\"@" \ + -i ${versionfile} || die + fi + + # echo -n is not POSIX compliant + sed 's@echo -n@printf@' -i configure || die + + sed -i \ + -e '/^CC :\?=/d' \ + -e "/^LIBDIR/s:=.*:=/$(get_libdir):" \ + -e "s|-O2|${CFLAGS} ${CPPFLAGS}|" \ + -e "/^HOSTCC/s:=.*:= $(tc-getBUILD_CC):" \ + -e "/^DBM_INCLUDE/s:=.*:=${T}:" \ + Makefile || die + + # Build against system headers + rm -r include/netinet || die #include/linux include/ip{,6}tables{,_common}.h include/libiptc + sed -i 's:TCPI_OPT_ECN_SEEN:16:' misc/ss.c || die + + if use minimal ; then + sed -i -e '/^SUBDIRS=/s:=.*:=lib tc ip:' Makefile || die + fi +} + +src_configure() { + tc-export AR CC PKG_CONFIG + + # This sure is ugly. Should probably move into toolchain-funcs at some point. + local setns + pushd "${T}" >/dev/null || die + printf '#include \nint main(){return setns(0, 0);}\n' > test.c || die + if ${CC} ${CFLAGS} ${CPPFLAGS} -D_GNU_SOURCE ${LDFLAGS} test.c >&/dev/null ; then + setns=y + else + setns=n + fi + + echo 'int main(){return 0;}' > test.c || die + if ! ${CC} ${CFLAGS} ${CPPFLAGS} ${LDFLAGS} test.c -lresolv >&/dev/null ; then + sed -i '/^LDLIBS/s:-lresolv::' "${S}"/Makefile || die + fi + popd >/dev/null || die + + # run "configure" script first which will create "config.mk"... + # Using econf breaks since 5.14.0 (a9c3d70d902a0473ee5c13336317006a52ce8242) + edo ./configure --libbpf_force $(usex bpf on off) + + # Remove the definitions made by configure and allow them to be overridden + # by USE flags below. + # We have to do the cheesy only-sed-if-disabled because otherwise + # the *_FLAGS etc stuff found by configure will be used but result + # in a broken build. + if ! use berkdb ; then + sed -i -e '/HAVE_BERKELEY_DB/d' config.mk || die + fi + + if ! use caps ; then + sed -i -e '/HAVE_CAP/d' config.mk || die + fi + + if use minimal ; then + sed -i -e '/HAVE_MNL/d' config.mk || die + fi + + if ! use elf ; then + sed -i -e '/HAVE_ELF/d' config.mk || die + fi + + if ! use nfs ; then + sed -i -e '/HAVE_RPC/d' config.mk || die + fi + + if ! use selinux ; then + sed -i -e '/HAVE_SELINUX/d' config.mk || die + fi + + if ! use libbsd ; then + sed -i -e '/HAVE_LIBBSD/d' config.mk || die + fi + + # ...Now switch on/off requested features via USE flags + # this is only useful if the test did not set other things, per bug #643722 + # Keep in sync with ifs above, or refactor to be unified. + cat <<-EOF >> config.mk + TC_CONFIG_ATM := $(usex atm y n) + TC_CONFIG_XT := $(usex iptables y n) + TC_CONFIG_NO_XT := $(usex iptables n y) + # We've locked in recent enough kernel headers, bug #549948 + TC_CONFIG_IPSET := y + HAVE_BERKELEY_DB := $(usex berkdb y n) + HAVE_CAP := $(usex caps y n) + HAVE_MNL := $(usex minimal n y) + HAVE_ELF := $(usex elf y n) + HAVE_RPC := $(usex nfs y n) + HAVE_SELINUX := $(usex selinux y n) + IP_CONFIG_SETNS := ${setns} + # Use correct iptables dir, bug #144265, bug #293709 + IPT_LIB_DIR := $(use iptables && ${PKG_CONFIG} xtables --variable=xtlibdir) + HAVE_LIBBSD := $(usex libbsd y n) + EOF +} + +src_compile() { + emake V=1 NETNS_RUN_DIR=/run/netns +} + +src_install() { + if use minimal ; then + into / + dosbin tc/tc + dobin ip/ip + return 0 + fi + + emake \ + DESTDIR="${D}" \ + PREFIX="${EPREFIX}/usr" \ + LIBDIR="${EPREFIX}"/$(get_libdir) \ + SBINDIR="${EPREFIX}"/sbin \ + CONFDIR="${EPREFIX}"/etc/iproute2 \ + DOCDIR="${EPREFIX}"/usr/share/doc/${PF} \ + MANDIR="${EPREFIX}"/usr/share/man \ + ARPDDIR="${EPREFIX}"/var/lib/arpd \ + install + + dodir /bin + mv "${ED}"/{s,}bin/ip || die # bug #330115 + + dolib.a lib/libnetlink.a + insinto /usr/include + doins include/libnetlink.h + + # Collides with net-analyzer/ifstat + # https://bugs.gentoo.org/868321 + mv "${ED}"/sbin/ifstat{,-iproute2} || die + + if use split-usr ; then + # Can remove compatibility symlink in a year: 2023-05-28. + # bug #547264 + mv "${ED}"/sbin/ss "${ED}"/bin/ss || die + dosym -r /bin/ss /sbin/ss + fi + + if use berkdb ; then + keepdir /var/lib/arpd + # bug #47482, arpd doesn't need to be in /sbin + dodir /usr/bin + mv "${ED}"/sbin/arpd "${ED}"/usr/bin/ || die + elif [[ -d "${ED}"/var/lib/arpd ]]; then + rmdir --ignore-fail-on-non-empty -p "${ED}"/var/lib/arpd || die + fi +}