diff options
Diffstat (limited to 'meta-openembedded/meta-networking')
9 files changed, 466 insertions, 5 deletions
diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb index 7c3d5babd8..0150d3e38a 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb @@ -131,6 +131,11 @@ do_install_append() { -e 's@[^ ]*PKG_CONFIG_LIBDIR=[^ "]*@@g' \ -i ${D}${bindir}/net-snmp-config + sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \ + -i ${D}${libdir}/pkgconfig/netsnmp*.pc + # ${STAGING_DIR_HOST} is empty for native builds, and the sed command below # will result in errors if run for native. if [ "${STAGING_DIR_HOST}" ]; then diff --git a/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch b/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch new file mode 100644 index 0000000000..bb3400cfa6 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch @@ -0,0 +1,331 @@ +From ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc Mon Sep 17 00:00:00 2001 +From: Aaron Conole <aconole@redhat.com> +Date: Fri, 23 Oct 2020 14:40:32 -0400 +Subject: [PATCH] lldp_head: remove all references + +There were a number of references missed during the module cleanup. This hits the remaining +ones. + +Fixes: 07a83c583b9d ("lldp_head: rename and make extern") +Signed-off-by: Aaron Conole <aconole@redhat.com> + +Reference to upstream patch: +https://github.com/intel/openlldp/commit/ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc + +Signed-off-by: Li Wang <li.wang@windriver.com> +--- + ctrl_iface.c | 4 +--- + lldp_8021qaz.c | 11 +++++------ + lldp_8023.c | 6 ++---- + lldp_basman.c | 6 ++---- + lldp_evb.c | 6 ++---- + lldp_evb22.c | 6 ++---- + lldp_mand.c | 10 ++++------ + lldp_med.c | 6 ++---- + qbg_utils.c | 3 +-- + 9 files changed, 21 insertions(+), 37 deletions(-) + +diff --git a/ctrl_iface.c b/ctrl_iface.c +index 1734f49..666f7c8 100644 +--- a/ctrl_iface.c ++++ b/ctrl_iface.c +@@ -53,8 +53,6 @@ + #include "lldp_util.h" + #include "messages.h" + +-extern struct lldp_head lldp_head; +- + struct ctrl_dst { + struct ctrl_dst *next; + struct sockaddr_un addr; +@@ -116,7 +114,7 @@ int clif_iface_module(struct clif_data *clifd, + return cmd_invalid; + } + +- mod = find_module_by_id(&lldp_head, module_id); ++ mod = find_module_by_id(&lldp_mod_head, module_id); + if (mod && mod->ops && mod->ops->client_cmd) + return (mod->ops->client_cmd)(clifd, from, fromlen, + cmd_start, cmd_len, rbuf+strlen(rbuf), rlen); +diff --git a/lldp_8021qaz.c b/lldp_8021qaz.c +index 16ae167..e747710 100644 +--- a/lldp_8021qaz.c ++++ b/lldp_8021qaz.c +@@ -48,7 +48,6 @@ + #include "lldp_dcbx.h" + + +-struct lldp_head lldp_head; + extern config_t lldpad_cfg; + extern bool read_only_8021qaz; + +@@ -84,7 +83,7 @@ static int ieee8021qaz_check_pending(struct port *port, + if (!port->portEnabled) + return 0; + +- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ); ++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ); + if (iud) { + LIST_FOREACH(tlv, &iud->head, entry) { + if (!strncmp(port->ifname, tlv->ifname, IFNAMSIZ)) { +@@ -143,7 +142,7 @@ struct ieee8021qaz_tlvs *ieee8021qaz_data(const char *ifname) + struct ieee8021qaz_user_data *iud; + struct ieee8021qaz_tlvs *tlv = NULL; + +- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ); ++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ); + if (iud) { + LIST_FOREACH(tlv, &iud->head, entry) { + if (!strncmp(tlv->ifname, ifname, IFNAMSIZ)) +@@ -629,7 +628,7 @@ void ieee8021qaz_ifup(char *ifname, struct lldp_agent *agent) + LIST_INIT(&tlvs->app_head); + read_cfg_file(port->ifname, agent, tlvs); + +- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ); ++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ); + LIST_INSERT_HEAD(&iud->head, tlvs, entry); + + initialized: +@@ -2179,7 +2178,7 @@ int ieee8021qaz_tlvs_rxed(const char *ifname) + struct ieee8021qaz_user_data *iud; + struct ieee8021qaz_tlvs *tlv = NULL; + +- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ); ++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ); + if (iud) { + LIST_FOREACH(tlv, &iud->head, entry) { + if (!strncmp(tlv->ifname, ifname, IFNAMSIZ)) +@@ -2198,7 +2197,7 @@ int ieee8021qaz_check_active(const char *ifname) + struct ieee8021qaz_user_data *iud; + struct ieee8021qaz_tlvs *tlv = NULL; + +- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ); ++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ); + if (iud) { + LIST_FOREACH(tlv, &iud->head, entry) { + if (!strncmp(tlv->ifname, ifname, IFNAMSIZ)) +diff --git a/lldp_8023.c b/lldp_8023.c +index 422026e..8a03211 100644 +--- a/lldp_8023.c ++++ b/lldp_8023.c +@@ -39,8 +39,6 @@ + #include "lldp_8023_clif.h" + #include "lldp_8023_cmds.h" + +-extern struct lldp_head lldp_head; +- + struct tlv_info_8023_maccfg { + u8 oui[3]; + u8 sub; +@@ -84,7 +82,7 @@ static struct ieee8023_data *ieee8023_data(const char *ifname, enum agent_type t + struct ieee8023_user_data *ud; + struct ieee8023_data *bd = NULL; + +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023); + if (ud) { + LIST_FOREACH(bd, &ud->head, entry) { + if (!strncmp(ifname, bd->ifname, IFNAMSIZ) && +@@ -456,7 +454,7 @@ void ieee8023_ifup(char *ifname, struct lldp_agent *agent) + goto out_err; + } + +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023); + LIST_INSERT_HEAD(&ud->head, bd, entry); + LLDPAD_INFO("%s:port %s added\n", __func__, ifname); + return; +diff --git a/lldp_basman.c b/lldp_basman.c +index a4f69c1..614e2a2 100644 +--- a/lldp_basman.c ++++ b/lldp_basman.c +@@ -75,8 +75,6 @@ struct tlv_info_manaddr { + struct tlv_info_maoid o; + } __attribute__ ((__packed__)); + +-extern struct lldp_head lldp_head; +- + static const struct lldp_mod_ops basman_ops = { + .lldp_mod_register = basman_register, + .lldp_mod_unregister = basman_unregister, +@@ -91,7 +89,7 @@ static struct basman_data *basman_data(const char *ifname, enum agent_type type) + struct basman_user_data *bud; + struct basman_data *bd = NULL; + +- bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC); ++ bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC); + if (bud) { + LIST_FOREACH(bd, &bud->head, entry) { + if (!strncmp(ifname, bd->ifname, IFNAMSIZ) && +@@ -688,7 +686,7 @@ void basman_ifup(char *ifname, struct lldp_agent *agent) + goto out_err; + } + +- bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC); ++ bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC); + LIST_INSERT_HEAD(&bud->head, bd, entry); + LLDPAD_DBG("%s:port %s added\n", __func__, ifname); + return; +diff --git a/lldp_evb.c b/lldp_evb.c +index dcdcc7e..a8f3965 100644 +--- a/lldp_evb.c ++++ b/lldp_evb.c +@@ -36,14 +36,12 @@ + #include "messages.h" + #include "config.h" + +-extern struct lldp_head lldp_head; +- + struct evb_data *evb_data(char *ifname, enum agent_type type) + { + struct evb_user_data *ud; + struct evb_data *ed = NULL; + +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB); + if (ud) { + LIST_FOREACH(ed, &ud->head, entry) { + if (!strncmp(ifname, ed->ifname, IFNAMSIZ) && +@@ -347,7 +345,7 @@ static void evb_ifup(char *ifname, struct lldp_agent *agent) + + evb_init_tlv(ed, agent); + +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB); + LIST_INSERT_HEAD(&ud->head, ed, entry); + LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type); + } +diff --git a/lldp_evb22.c b/lldp_evb22.c +index 76ba883..6e92d9d 100644 +--- a/lldp_evb22.c ++++ b/lldp_evb22.c +@@ -37,14 +37,12 @@ + #include "messages.h" + #include "config.h" + +-extern struct lldp_head lldp_head; +- + struct evb22_data *evb22_data(char *ifname, enum agent_type type) + { + struct evb22_user_data *ud; + struct evb22_data *ed = NULL; + +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22); + if (ud) { + LIST_FOREACH(ed, &ud->head, entry) { + if (!strncmp(ifname, ed->ifname, IFNAMSIZ) && +@@ -453,7 +451,7 @@ static void evb22_ifup(char *ifname, struct lldp_agent *agent) + STRNCPY_TERMINATED(ed->ifname, ifname, IFNAMSIZ); + ed->agenttype = agent->type; + evb22_init_tlv(ed, agent); +- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22); ++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22); + LIST_INSERT_HEAD(&ud->head, ed, entry); + LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type); + } +diff --git a/lldp_mand.c b/lldp_mand.c +index 0db63cb..b857a88 100644 +--- a/lldp_mand.c ++++ b/lldp_mand.c +@@ -42,8 +42,6 @@ + #include "lldp/l2_packet.h" + #include "lldp_tlv.h" + +-extern struct lldp_head lldp_head; +- + static const struct lldp_mod_ops mand_ops = { + .lldp_mod_register = mand_register, + .lldp_mod_unregister = mand_unregister, +@@ -59,7 +57,7 @@ struct mand_data *mand_data(const char *ifname, enum agent_type type) + struct mand_user_data *mud; + struct mand_data *md = NULL; + +- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND); ++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND); + if (mud) { + LIST_FOREACH(md, &mud->head, entry) { + if (!strncmp(ifname, md->ifname, IFNAMSIZ) && +@@ -608,7 +606,7 @@ void mand_ifup(char *ifname, struct lldp_agent *agent) + STRNCPY_TERMINATED(md->ifname, ifname, IFNAMSIZ); + md->agenttype = agent->type; + +- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND); ++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND); + LIST_INSERT_HEAD(&mud->head, md, entry); + } + +@@ -636,7 +634,7 @@ struct lldp_module *mand_register(void) + LLDPAD_ERR("failed to malloc LLDP Mandatory module data\n"); + goto out_err; + } +- mud = malloc(sizeof(struct mand_user_data)); ++ mud = malloc(sizeof(struct mand_user_data)); + if (!mud) { + free(mod); + LLDPAD_ERR("failed to malloc LLDP Mandatory module user data\n"); +@@ -644,8 +642,8 @@ struct lldp_module *mand_register(void) + } + LIST_INIT(&mud->head); + mod->id = LLDP_MOD_MAND; ++ mod->data = mud; + mod->ops = &mand_ops; +- mod->data = mud; + LLDPAD_INFO("%s:done\n", __func__); + return mod; + out_err: +diff --git a/lldp_med.c b/lldp_med.c +index f6c373e..7b6996e 100644 +--- a/lldp_med.c ++++ b/lldp_med.c +@@ -40,8 +40,6 @@ + #include "lldp_mand_clif.h" + #include "lldp_med_cmds.h" + +-extern struct lldp_head lldp_head; +- + struct tlv_info_medcaps { + u8 oui[OUI_SIZE]; + u8 subtype; +@@ -95,7 +93,7 @@ static struct med_data *med_data(const char *ifname, enum agent_type type) + struct med_user_data *mud; + struct med_data *md = NULL; + +- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED); ++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED); + if (mud) { + LIST_FOREACH(md, &mud->head, entry) { + if (!strncmp(ifname, md->ifname, IFNAMSIZ) && +@@ -914,7 +912,7 @@ void med_ifup(char *ifname, struct lldp_agent *agent) + free(md); + goto out_err; + } +- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED); ++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED); + LIST_INSERT_HEAD(&mud->head, md, entry); + LLDPAD_INFO("%s:port %s added\n", __func__, ifname); + return; +diff --git a/qbg_utils.c b/qbg_utils.c +index 9daeade..0d40c5b 100644 +--- a/qbg_utils.c ++++ b/qbg_utils.c +@@ -36,7 +36,6 @@ + #include "qbg_utils.h" + + extern int loglvl; /* Global lldpad log level */ +-extern struct lldp_head lldp_head; + + /* + * hexdump_frame - print raw evb/ecp/vdp frame +@@ -73,7 +72,7 @@ void hexdump_frame(const char *ifname, char *txt, const unsigned char *buf, + */ + int modules_notify(int id, int sender_id, char *ifname, void *data) + { +- struct lldp_module *mp = find_module_by_id(&lldp_head, id); ++ struct lldp_module *mp = find_module_by_id(&lldp_mod_head, id); + int rc = 0; + + if (mp && mp->ops->lldp_mod_notify) +-- +2.18.1 + diff --git a/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb b/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb index d8a0d6913a..ec3e557ad9 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb @@ -27,6 +27,7 @@ SRC_URI = "git://github.com/intel/openlldp.git;protocol=https;branch=master \ file://0007-lldp_8021qaz-extern-config-object.patch \ file://0008-stringops-fix-some-string-copy-errors.patch \ file://0009-8021qaz-mark-prio-map-functions-static.patch \ + file://lldp_head-remove-all-references.patch \ " # Makefile.am adds -Werror to AM_CFLAGS. There are warnings so disable it. diff --git a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb index 799cf8611c..bb1ee7d7ae 100644 --- a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb @@ -16,3 +16,10 @@ S = "${WORKDIR}/git" inherit cmake pkgconfig binconfig BBCLASSEXTEND = "native nativesdk" + +do_install_append() { + sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \ + -i ${D}${libdir}/pkgconfig/*.pc +} diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb index ae92de2db3..1d227dac6c 100644 --- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb @@ -3,14 +3,14 @@ HOMEPAGE = "http://talloc.samba.org" SECTION = "libs" LICENSE = "LGPL-3.0+ & GPL-3.0+" LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \ - file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d" + file://pytalloc.h;beginline=1;endline=18;md5=21ab13bd853679d7d47a1739cb3b7db6 \ + " SRC_URI = "https://www.samba.org/ftp/talloc/talloc-${PV}.tar.gz \ file://options-2.2.0.patch \ " -SRC_URI[md5sum] = "3376a86bdf9dd4abc6b8d8d645390902" -SRC_URI[sha256sum] = "27a03ef99e384d779124df755deb229cd1761f945eca6d200e8cfd9bf5297bd7" +SRC_URI[sha256sum] = "6be95b2368bd0af1c4cd7a88146eb6ceea18e46c3ffc9330bf6262b40d1d8aaa" inherit waf-samba diff --git a/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb b/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb index 959cccf357..32a9307c3f 100644 --- a/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb @@ -11,7 +11,7 @@ SRC_URI = "\ https://github.com/nghttp2/nghttp2/releases/download/v${PV}/nghttp2-${PV}.tar.xz \ file://0001-fetch-ocsp-response-use-python3.patch \ " -SRC_URI[sha256sum] = "f7d54fa6f8aed29f695ca44612136fa2359013547394d5dffeffca9e01a26b0f" +SRC_URI[sha256sum] = "5699473b29941e8dafed10de5c8cb37a3581edf62ba7d04b911ca247d4de3c5d" inherit cmake manpages python3native PACKAGECONFIG[manpages] = "" diff --git a/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch b/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch new file mode 100644 index 0000000000..8fdd62d186 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch @@ -0,0 +1,116 @@ +From 1ec621c85b9411cc611652fd57a892cfef478af3 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Sat, 15 May 2021 19:53:46 +0200 +Subject: [PATCH] Added further checks + +Upstream-Status: Backport [https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3] +CVE: CVE-2021-36082 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> + +--- + src/lib/protocols/netbios.c | 2 +- + src/lib/protocols/tls.c | 32 +++++++++++++++++--------------- + 2 files changed, 18 insertions(+), 16 deletions(-) + +diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c +index 1f3850cb..0d3b705f 100644 +--- a/src/lib/protocols/netbios.c ++++ b/src/lib/protocols/netbios.c +@@ -42,7 +42,7 @@ int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len + int ret = 0, len, idx = inlen; + char *b; + +- len = (*in++)/2; ++ len = (*in++)/2, inlen--; + b = out; + *out = 0; + +diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c +index 5b572cae..c115ac08 100644 +--- a/src/lib/protocols/tls.c ++++ b/src/lib/protocols/tls.c +@@ -994,21 +994,23 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, + i += 4 + extension_len, offset += 4 + extension_len; + } + +- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version); ++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version); + +- for(i=0; i<ja3.num_cipher; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); ++ for(i=0; (i<ja3.num_cipher) && (JA3_STR_LEN > ja3_str_len); i++) { ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); + + if(rc <= 0) break; else ja3_str_len += rc; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); +- if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; ++ if(JA3_STR_LEN > ja3_str_len) { ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); ++ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; ++ } + + /* ********** */ + +- for(i=0; i<ja3.num_tls_extension; i++) { +- int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); ++ for(i=0; (i<ja3.num_tls_extension) && (JA3_STR_LEN-ja3_str_len); i++) { ++ int rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); + + if(rc <= 0) break; else ja3_str_len += rc; + } +@@ -1443,41 +1445,41 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, + int rc; + + compute_ja3c: +- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version); ++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version); + + for(i=0; i<ja3.num_cipher; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.cipher[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + /* ********** */ + + for(i=0; i<ja3.num_tls_extension; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.tls_extension[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + /* ********** */ + + for(i=0; i<ja3.num_elliptic_curve; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.elliptic_curve[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + for(i=0; i<ja3.num_elliptic_curve_point_format; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.elliptic_curve_point_format[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb b/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb index 22e4d8e9ae..b90f575b93 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b52f2d57d10c4f7ee67a7eb9615d5d24" SRCREV = "64929a75e0a7a60d864bd25a9fd97fdf9ac892a2" SRC_URI = "git://github.com/ntop/nDPI.git;branch=3.4-stable \ file://0001-autogen.sh-not-generate-configure.patch \ + file://CVE-2021-36082.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb index 6acd849f89..2e0fdae63b 100644 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb @@ -19,7 +19,7 @@ SRC_URI += " \ UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[sha256sum] = "12a678208f8cb009e6b9d96026e41a6ef03c7ad086b9e1029f42053b249b4628" +SRC_URI[sha256sum] = "6c4cee51ef997cb9d9aaee84113525a5629157d3c743d7c4e320000de804a09d" PE = "1" |