Date: Mon, 25 Nov 2013 17:39:54 GMT From: Ruslan Makhmatkhanov <rm@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/184288: [patch] fix security/nmap runtime on -current Message-ID: <201311251739.rAPHdsB8022469@oldred.freebsd.org> Resent-Message-ID: <201311251740.rAPHe0TG077160@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 184288 >Category: ports >Synopsis: [patch] fix security/nmap runtime on -current >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Nov 25 17:40:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Ruslan Makhmatkhanov >Release: 11.0-CURRENT >Organization: >Environment: >Description: Here is the description: http://lists.freebsd.org/pipermail/freebsd-current/2013-November/046784.html Here is the solution: https://github.com/nmap/nmap/commit/542b0af577dabab68a63b5c20b36c6ec9061b77d#diff-d604578eada1b9284c2f74ba369b7ab9 Attached backport of upstream patch works perfectly for me. >How-To-Repeat: >Fix: Patch attached with submission follows: --- ./libnetutil/netutil.cc.orig 2013-07-29 02:08:48.000000000 +0400 +++ ./libnetutil/netutil.cc 2013-11-25 21:32:04.000000000 +0400 @@ -1319,7 +1319,11 @@ /* The first time through the loop we add the primary interface record. After that we add the aliases one at a time. */ if (!primary_done) { - if (addr_ntos(&entry->intf_addr, (struct sockaddr *) &tmpss) == -1) { + if ( (addr_ntos(&entry->intf_addr, (struct sockaddr *) &tmpss) == -1) +#ifdef AF_LINK + || (tmpss.ss_family == AF_LINK) +#endif + ) { dcrn->ifaces[dcrn->numifaces].addr.ss_family = 0; } else { rc = canonicalize_address(&tmpss, &dcrn->ifaces[dcrn->numifaces].addr); @@ -1328,7 +1332,11 @@ dcrn->ifaces[dcrn->numifaces].netmask_bits = entry->intf_addr.addr_bits; primary_done = true; } else if (num_aliases_done < entry->intf_alias_num) { - if (addr_ntos(&entry->intf_alias_addrs[num_aliases_done], (struct sockaddr *) &tmpss) == -1) { + if ( (addr_ntos(&entry->intf_alias_addrs[num_aliases_done], (struct sockaddr *) &tmpss) == -1) +#ifdef AF_LINK + || (tmpss.ss_family == AF_LINK) +#endif + ) { dcrn->ifaces[dcrn->numifaces].addr.ss_family = 0; } else { rc = canonicalize_address(&tmpss, &dcrn->ifaces[dcrn->numifaces].addr); >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311251739.rAPHdsB8022469>