nping:fix out of bounds

(cherry picked from commit 774069138fe6753a51dc1dc1092eda01b646635f)
2023-08-23 17:15:37 +08:00 · 2023-08-23 17:15:37 +08:00 · 66b95c3614
commit 66b95c3614
parent 1a3e3bb01c
2 changed files with 38 additions and 1 deletions
--- a/backport-nping-fix-out-of-bounds-access.patch
+++ b/backport-nping-fix-out-of-bounds-access.patch
@ -0,0 +1,29 @@
+From 54a0c1440188a76f370b14d40777716a8761d0a8 Mon Sep 17 00:00:00 2001
+From: "jay.fink" <jay.fink@0c474577-fa26-0410-a966-bdb198e94e9e>
+Date: Wed, 13 Oct 2010 00:39:53 +0000
+Subject: [PATCH] approved by dugsong@ Fix an off by one. Issue number 9 in
+ google code.
+
+Conflict: NA
+Reference: https://github.com/ofalk/libdnet/commit/54a0c1440188a76f370b14d40777716a8761d0a8
+
+---
+ libdnet-stripped/src/intf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libdnet-stripped/src/intf.c b/libdnet-stripped/src/intf.c
+index 6180d85..4b282ff 100644
+--- a/libdnet-stripped/src/intf.c
+++ b/libdnet-stripped/src/intf.c
+@@ -774,7 +774,7 @@ _intf_get_aliases(intf_t *intf, struct intf_entry *entry)
+ 		u_int idx, bits, scope, flags;
+ 		
+ 		if ((f = fopen(PROC_INET6_FILE, "r")) != NULL) {
+-			while (ap < lap &&
+			while ((ap + 1)  < lap &&
+ 			       fgets(buf, sizeof(buf), f) != NULL) {
+ 				/* scan up to INTF_NAME_LEN-1 bytes to reserve space for null terminator */
+ 				sscanf(buf, "%04s%04s%04s%04s%04s%04s%04s%04s %x %02x %02x %02x %15s\n",
+-- 
+2.33.0
+
--- a/nmap.spec
+++ b/nmap.spec
@ -3,7 +3,7 @@
 Name:           nmap
 Epoch:          2
 Version:        7.80
-Release:        1
+Release:        2
 License:        Nmap
 Summary:        A tool for network discovery and security auditing.
 Requires:       %{name}-ncat = %{epoch}:%{version}-%{release}
@ -16,6 +16,8 @@ Obsoletes:      nmap-frontend nmap-ndiff nmap-ncat nc < 1.109.20120711-2
 Obsoletes:      nc6 < 1.00-22
 Provides:       nmap-frontend nmap-ndiff nmap-ncat nc nc6

+Patch0:         backport-nping-fix-out-of-bounds-access.patch
+
 %define pixmap_srcdir zenmap/share/pixmaps

 %description
@ -62,6 +64,12 @@ ln -s ncat %{buildroot}%{_bindir}/nc
 %{_mandir}/man1/*.1.gz

 %changelog
+* Wed Aug 23 2023 xingwei <xingwei14@h-partners.com> - 2:7.80-2
+- Type:bugfix
+- CVE:
+- SUG:NA
+- DESC:nping:fix out of bounds
+
 * Fri Apr 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 2:7.80-1
 - Type:bugfix
 - ID:NA