[pkgsrc/trunk]: pkgsrc/net/tcpdump - Update to nb1 for security issues

[adrianp <adrianp%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/e371730c6ddc
branches:  trunk
changeset: 494712:e371730c6ddc
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sat May 28 14:15:23 2005 +0000

description:
- Update to nb1 for security issues
- Patches from tcpdump.org CVS tree

diffstat:

 net/tcpdump/Makefile         |   3 ++-
 net/tcpdump/distinfo         |   6 +++++-
 net/tcpdump/patches/patch-ac |  13 +++++++++++++
 net/tcpdump/patches/patch-ad |  23 +++++++++++++++++++++++
 net/tcpdump/patches/patch-ae |  14 ++++++++++++++
 net/tcpdump/patches/patch-af |  24 ++++++++++++++++++++++++
 6 files changed, 81 insertions(+), 2 deletions(-)

diffs (118 lines):

diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/Makefile
--- a/net/tcpdump/Makefile      Sat May 28 13:08:39 2005 +0000
+++ b/net/tcpdump/Makefile      Sat May 28 14:15:23 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.14 2005/04/11 21:47:00 tv Exp $
+# $NetBSD: Makefile,v 1.15 2005/05/28 14:15:23 adrianp Exp $
 
 DISTNAME=              tcpdump-3.8.3
+PKGREVISION=           1
 CATEGORIES=            net
 MASTER_SITES=          http://www.tcpdump.org/release/
 
diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/distinfo
--- a/net/tcpdump/distinfo      Sat May 28 13:08:39 2005 +0000
+++ b/net/tcpdump/distinfo      Sat May 28 14:15:23 2005 +0000
@@ -1,7 +1,11 @@
-$NetBSD: distinfo,v 1.7 2005/03/26 16:40:33 dmcmahill Exp $
+$NetBSD: distinfo,v 1.8 2005/05/28 14:15:23 adrianp Exp $
 
 SHA1 (tcpdump-3.8.3.tar.gz) = 7ae3c29fe843fc23ae89acd8b1b1e513213f6042
 RMD160 (tcpdump-3.8.3.tar.gz) = 585c1ad9a93a8329b1d60057dd334e7b1a88097c
 Size (tcpdump-3.8.3.tar.gz) = 567116 bytes
 SHA1 (patch-aa) = d70302c6fa68d0d170fa5c22ce0a348bdf0233be
 SHA1 (patch-ab) = 628f0ecf34a7c9a5c17000b234360f7846c07847
+SHA1 (patch-ac) = 7dd47ee3ebaeba29c78bed66242739f0ded4a7f1
+SHA1 (patch-ad) = 2229b6cf3af0b30bc612e3dca796f01d8e8bae90
+SHA1 (patch-ae) = 9c3b318668c3558a9cee3ce90fe7ac17fd748de5
+SHA1 (patch-af) = c0c0ce4a3a3eda013fea164ed173181b271ad6b1
diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/tcpdump/patches/patch-ac      Sat May 28 14:15:23 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.1 2005/05/28 14:15:23 adrianp Exp $
+
+--- print-bgp.c.orig   2005-05-06 09:08:17.000000000 +0100
++++ print-bgp.c
+@@ -1216,6 +1216,8 @@ bgp_attr_print(const struct bgp_attr *at
+                             tptr = pptr + len;
+                             break;
+                       }
++                      if (advance < 0) /* infinite loop protection */
++                              break;
+                       tptr += advance;
+               }
+               break;
diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/tcpdump/patches/patch-ad      Sat May 28 14:15:23 2005 +0000
@@ -0,0 +1,23 @@
+$NetBSD: patch-ad,v 1.1 2005/05/28 14:15:23 adrianp Exp $
+
+--- print-isoclns.c.orig       2005-05-06 09:11:15.000000000 +0100
++++ print-isoclns.c
+@@ -1506,6 +1506,9 @@ static int isis_print (const u_int8_t *p
+                tlv_type,
+                tlv_len);
+ 
++      if (tlv_len == 0) /* something is malformed */
++              break;
++
+         /* now check if we have a decoder otherwise do a hexdump at the end*/
+       switch (tlv_type) {
+       case TLV_AREA_ADDR:
+@@ -1536,7 +1539,7 @@ static int isis_print (const u_int8_t *p
+           break;
+ 
+         case TLV_ISNEIGH_VARLEN:
+-            if (!TTEST2(*tptr, 1))
++            if (!TTEST2(*tptr, 1) || tmp < 3) /* min. TLV length */
+               goto trunctlv;
+           lan_alen = *tptr++; /* LAN adress length */
+             tmp --;
diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/tcpdump/patches/patch-ae      Sat May 28 14:15:23 2005 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-ae,v 1.1 2005/05/28 14:15:23 adrianp Exp $
+
+--- print-ldp.c.orig   2005-05-06 09:17:24.000000000 +0100
++++ print-ldp.c
+@@ -326,6 +326,9 @@ ldp_print(register const u_char *pptr, r
+                EXTRACT_32BITS(&ldp_msg_header->id),
+                LDP_MASK_U_BIT(EXTRACT_16BITS(&ldp_msg_header->type)) ? "continue processing" : "ignore");
+ 
++      if (msg_len == 0) /* infinite loop protection */
++              break;
++
+         msg_tptr=tptr+sizeof(struct ldp_msg_header);
+         msg_tlen=msg_len-sizeof(struct ldp_msg_header)+4; /* Type & Length fields not included */
+ 
diff -r 0ff7ae483865 -r e371730c6ddc net/tcpdump/patches/patch-af
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/tcpdump/patches/patch-af      Sat May 28 14:15:23 2005 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-af,v 1.1 2005/05/28 14:15:23 adrianp Exp $
+
+--- print-rsvp.c.orig  2004-03-24 04:01:08.000000000 +0000
++++ print-rsvp.c
+@@ -875,10 +875,17 @@ rsvp_print(register const u_char *pptr, 
+             switch(rsvp_obj_ctype) {
+             case RSVP_CTYPE_IPV4:
+                 while(obj_tlen >= 4 ) {
+-                    printf("\n\t    Subobject Type: %s",
++                    printf("\n\t    Subobject Type: %s, length %u",
+                            tok2str(rsvp_obj_xro_values,
+                                    "Unknown %u",
+-                                   RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)));                
++                                   RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)),
++                           *(obj_tptr+1));                
++
++                    if (*(obj_tptr+1) == 0) { /* prevent infinite loops */
++                        printf("\n\t      ERROR: zero length ERO subtype");
++                        break;
++                    }
++
+                     switch(RSVP_OBJ_XRO_MASK_SUBOBJ(*obj_tptr)) {
+                     case RSVP_OBJ_XRO_IPV4:
+                         printf(", %s, %s/%u, Flags: [%s]",