commit-inetutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-238-g63f4a

From: Mats Erik Andersson
Subject: [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-238-g63f4ad4
Date: Thu, 17 Jan 2013 13:47:09 +0000 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".

The branch, master has been updated
       via  63f4ad499f4a3b90f16995b47e53439adb6f9cd0 (commit)
       via  d7ffe9ddf524b0ff13088b2685bd9cfde5e580f5 (commit)
      from  3853b33cf34fcf0773a861947bfd9b7b7731815f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=63f4ad499f4a3b90f16995b47e53439adb6f9cd0


commit 63f4ad499f4a3b90f16995b47e53439adb6f9cd0
Author: Mats Erik Andersson <address@hidden>
Date:   Thu Jan 17 12:38:46 2013 +0100

    ping6: More options.

diff --git a/ChangeLog b/ChangeLog
index 611a543..da35d5c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,20 @@
 2013-01-17  Mats Erik Andersson  <address@hidden>
 
+       ping6: Setting of tclass and flowinfo.
+
+       * ping/ping6.c (tclass) [IPV6_TCLASS]: New variable.
+       (flowinfo) [IPV6_FLOWINFO]: New variable.
+       (argp_options): Make `--ttl' a synonym for `--hoplimit'.
+       [IPV6_FLOWINFO]: New option `-F/--flowinfo'.
+       [IPV6_TCLASS]: New option `-T/--tos'.
+       (parse_opt) [IPV6_FLOWINFO]: New case 'F'.
+       [IPV6_TCLASS]: New case 'T'.
+       (main) [IPV6_TCLASS]: Call setsockopt(IPV6_TCLASS).
+       [IPV6_FLOWINFO]: Call setsockopt(IPV6_FLOWINFO).
+       * ping/ping_common.h (OPT_FLOWINFO, OPT_TCLASS): New macros.
+
+2013-01-17  Mats Erik Andersson  <address@hidden>
+
        CVE-2010-2529: Infinite loop.
 
        * ping/ping_echo.c (print_ip_opt) <IPOPT_RR>: Break loop
diff --git a/NEWS b/NEWS
index f7b703c..02fccce 100644
--- a/NEWS
+++ b/NEWS
@@ -24,7 +24,7 @@ New switches `--ip-timestamp', `--mask', `-T/--tos' and 
`--ttl'.
 
 * ping6
 
-New switches `--hoplimit' and `-v/--verbose'.
+New switches `--hoplimit/--ttl', `-T/--tos' and `-v/--verbose'.
 
 * rcp
 
diff --git a/ping/ping6.c b/ping/ping6.c
index 77b4f03..203790c 100644
--- a/ping/ping6.c
+++ b/ping/ping6.c
@@ -68,6 +68,12 @@ int timeout = -1;
 int hoplimit = 0;
 unsigned int options;
 static unsigned long preload = 0;
+#ifdef IPV6_TCLASS
+int tclass = -1;       /* Kernel sets default: -1, RFC 3542.  */
+#endif
+#ifdef IPV6_FLOWINFO
+int flowinfo;
+#endif
 
 static int ping_echo (char *hostname);
 static void ping_reset (PING * p);
@@ -91,13 +97,20 @@ static struct argp_option argp_options[] = {
   {NULL, 0, NULL, 0, "Options valid for all request types:", GRP},
   {"count", 'c', "NUMBER", 0, "stop after sending NUMBER packets", GRP+1},
   {"debug", 'd', NULL, 0, "set the SO_DEBUG option", GRP+1},
+#ifdef IPV6_FLOWINFO
+  {"flowinfo", 'F', "N", 0, "set N as flow identifier", GRP+1},
+#endif
   {"hoplimit", ARG_HOPLIMIT, "N", 0, "specify N as hop-limit", GRP+1},
   {"interval", 'i', "NUMBER", 0, "wait NUMBER seconds between sending each "
    "packet", GRP+1},
   {"numeric", 'n', NULL, 0, "do not resolve host addresses", GRP+1},
   {"ignore-routing", 'r', NULL, 0, "send directly to a host on an attached "
    "network", GRP+1},
+#ifdef IPV6_TCLASS
+  {"tos", 'T', "N", 0, "set traffic class to N", GRP+1},
+#endif
   {"timeout", 'w', "N", 0, "stop after N seconds", GRP+1},
+  {"ttl", ARG_HOPLIMIT, "N", 0, "synonym for --hoplimit", GRP+1},
   {"verbose", 'v', NULL, 0, "verbose output", GRP+1},
 #undef GRP
 #define GRP 10
@@ -137,6 +150,13 @@ parse_opt (int key, char *arg, struct argp_state *state)
       setbuf (stdout, (char *) NULL);
       break;
 
+#ifdef IPV6_FLOWINFO
+    case 'F':
+      options |= OPT_FLOWINFO;
+      flowinfo = ping_cvt_number (arg, 0, 0) & IPV6_FLOWINFO_FLOWLABEL;
+      break;
+#endif
+
     case 'i':
       options |= OPT_INTERVAL;
       interval = ping_cvt_number (arg, 0, 0);
@@ -173,6 +193,13 @@ parse_opt (int key, char *arg, struct argp_state *state)
       data_length = ping_cvt_number (arg, PING_MAX_DATALEN, 1);
       break;
 
+#ifdef IPV6_TCLASS
+    case 'T':
+      options |= OPT_TCLASS;
+      tclass = ping_cvt_number (arg, 0, 0);
+      break;
+#endif
+
     case 'v':
       options |= OPT_VERBOSE;
       break;
@@ -244,6 +271,20 @@ main (int argc, char **argv)
                    &hoplimit, sizeof (hoplimit)) < 0)
       error (0, errno, "setsockopt(IPV6_HOPLIMIT)");
 
+#ifdef IPV6_TCLASS
+  if (options & OPT_TCLASS)
+    if (setsockopt (ping->ping_fd, IPPROTO_IPV6, IPV6_TCLASS,
+                   &tclass, sizeof (tclass)) < 0)
+      error (EXIT_FAILURE, errno, "setsockopt(IPV6_TCLASS)");
+#endif
+
+#ifdef IPV6_FLOWINFO
+  if (options & OPT_FLOWINFO)
+    if (setsockopt (ping->ping_fd, IPPROTO_IPV6, IPV6_FLOWINFO,
+                   &flowinfo, sizeof (flowinfo)) < 0)
+      error (EXIT_FAILURE, errno, "setsockopt(IPV6_FLOWINFO)");
+#endif
+
   init_data_buffer (patptr, pattern_len);
 
   while (argc--)
diff --git a/ping/ping_common.h b/ping/ping_common.h
index 0a5c336..6485252 100644
--- a/ping/ping_common.h
+++ b/ping/ping_common.h
@@ -36,6 +36,8 @@
 #define OPT_RROUTE      0x010
 #define OPT_VERBOSE     0x020
 #define OPT_IPTIMESTAMP 0x040
+#define OPT_FLOWINFO    0x080
+#define OPT_TCLASS      0x100
 
 #define SOPT_TSONLY     0x001
 #define SOPT_TSADDR     0x002

http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=d7ffe9ddf524b0ff13088b2685bd9cfde5e580f5


commit d7ffe9ddf524b0ff13088b2685bd9cfde5e580f5
Author: Mats Erik Andersson <address@hidden>
Date:   Thu Jan 17 10:34:55 2013 +0100

    ping: CVE-2010-2529

diff --git a/ChangeLog b/ChangeLog
index 6afd5d9..611a543 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
 2013-01-17  Mats Erik Andersson  <address@hidden>
 
+       CVE-2010-2529: Infinite loop.
+
+       * ping/ping_echo.c (print_ip_opt) <IPOPT_RR>: Break loop
+       if option is truncated or exhausted.
+       <IPOPT_TS>: Break loop if option is truncated.
+
+2013-01-17  Mats Erik Andersson  <address@hidden>
+
        * ping/ping6.c: Include <arpa/inet.h>.
        (print_ip_data): New function.
        (print_icmp_error): In verbose mode, let print_ip_data()
diff --git a/ping/ping_echo.c b/ping/ping_echo.c
index 634e178..e83ccff 100644
--- a/ping/ping_echo.c
+++ b/ping/ping_echo.c
@@ -499,7 +499,7 @@ print_ip_opt (struct ip *ip, int hlen)
          i = j;
        i -= IPOPT_MINOFF;
        if (i <= 0)
-         continue;
+         break;
        if (i == old_rrlen
            && cp == (unsigned char *) (ip + 1) + 2
            && !memcmp ((char *) cp, old_rr, i) && !(options & OPT_FLOOD))
@@ -561,6 +561,10 @@ print_ip_opt (struct ip *ip, int hlen)
        if (i > j)
          i = j;
 
+       /* Check minimal sizing.  */
+       if (j <= (int) (IPOPT_MINOFF + sizeof (n_time)))
+         break;
+
        k = *++cp;      /* OV, FL */
        ++cp;           /* Points at first content.  */
        hlen -= 2;

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog          |   23 +++++++++++++++++++++++
 NEWS               |    2 +-
 ping/ping6.c       |   41 +++++++++++++++++++++++++++++++++++++++++
 ping/ping_common.h |    2 ++
 ping/ping_echo.c   |    6 +++++-
 5 files changed, 72 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
GNU Inetutils
reply via email to
[Prev in Thread] Current Thread [Next in Thread]