Date: Sun, 22 May 2022 05:44:32 GMT From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 5212323270f6 - main - security/openvas: update to 21.4.4 Message-ID: <202205220544.24M5iWnG005601@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=5212323270f6dbd887a9c4a427a1e2c838557c6f commit 5212323270f6dbd887a9c4a427a1e2c838557c6f Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> AuthorDate: 2022-05-22 05:39:40 +0000 Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> CommitDate: 2022-05-22 05:43:00 +0000 security/openvas: update to 21.4.4 ChangeLog at: https://github.com/greenbone/openvas-scanner/releases/tag/v21.4.4 --- security/openvas/Makefile | 6 +- security/openvas/distinfo | 6 +- security/openvas/files/patch-misc_pcap.c | 101 ++++++++++ .../openvas/files/patch-nasl_nasl_frame_forgery.c | 209 +++++++++++++++++++++ .../openvas/files/patch-nasl_nasl_packet_forgery.c | 84 ++++++++- .../files/patch-nasl_nasl_packet_forgery_v6.c | 37 +++- security/openvas/files/patch-src_sighand.c | 11 ++ security/openvas/pkg-plist | 4 +- 8 files changed, 433 insertions(+), 25 deletions(-) diff --git a/security/openvas/Makefile b/security/openvas/Makefile index ecf1a273ad2d..8786d9135330 100644 --- a/security/openvas/Makefile +++ b/security/openvas/Makefile @@ -1,5 +1,5 @@ PORTNAME= openvas -DISTVERSION= 21.4.3 +DISTVERSION= 21.4.4 DISTVERSIONPREFIX= v CATEGORIES= security @@ -20,6 +20,7 @@ LIB_DEPENDS= libgvm_base.so:security/gvm-libs \ RUN_DEPENDS= redis-server:databases/redis \ snmpget:net-mgmt/net-snmp \ rsync:net/rsync \ + nmap:security/nmap \ ${PYTHON_PKGNAMEPREFIX}impacket>=0:net/py-impacket@${PY_FLAVOR} USE_GITHUB= yes GH_ACCOUNT= greenbone @@ -31,6 +32,9 @@ USE_GNOME= glib20 USERS= gvm GROUPS= ${USERS} +post-patch: + @${REINPLACE_CMD} -e 's|g_pattern_match_string|g_pattern_spec_match_string|g' ${WRKSRC}/misc/strutils.c + post-install: @${MKDIR} ${STAGEDIR}/var/run/ospd diff --git a/security/openvas/distinfo b/security/openvas/distinfo index 953e25fdccfc..3e1a580b3e4a 100644 --- a/security/openvas/distinfo +++ b/security/openvas/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1635387094 -SHA256 (greenbone-openvas-scanner-v21.4.3_GH0.tar.gz) = 67d4804c651455b38a6dbe95e52b206431ce9f3b4680f6ba598fd866e2558fa3 -SIZE (greenbone-openvas-scanner-v21.4.3_GH0.tar.gz) = 454482 +TIMESTAMP = 1646618189 +SHA256 (greenbone-openvas-scanner-v21.4.4_GH0.tar.gz) = 94af7113c8f16754eebf0a7e26c231586e3c2b70342d818d20cf24be4f40c578 +SIZE (greenbone-openvas-scanner-v21.4.4_GH0.tar.gz) = 460601 diff --git a/security/openvas/files/patch-misc_pcap.c b/security/openvas/files/patch-misc_pcap.c new file mode 100644 index 000000000000..13deb1337376 --- /dev/null +++ b/security/openvas/files/patch-misc_pcap.c @@ -0,0 +1,101 @@ +--- misc/pcap.c 2022-02-22 05:32:53.000000000 -0500 ++++ misc/pcap.c 2022-05-21 23:28:28.467854000 -0500 +@@ -38,6 +38,13 @@ + #include <sys/ioctl.h> + #include <sys/param.h> + #include <sys/types.h> ++#if defined __FreeBSD__ ++#include <sys/socket.h> ++#include <net/if.h> ++#include <net/if_dl.h> ++#include <net/if_types.h> ++#include <errno.h> ++#endif + #include <unistd.h> + + #define MAXROUTES 1024 +@@ -1196,8 +1203,84 @@ + } + else + { ++#if defined(__FreeBSD__) ++ void * addr_ptr; ++ struct sockaddr * sockaddr_ptr; ++ struct ifaddrs * ifaddrs_ptr; ++ int status; ++ char address[INET6_ADDRSTRLEN]; ++ unsigned long tmp; ++ ++ status = getifaddrs (& ifaddrs_ptr); ++ if(status == -1) { ++ g_debug("Error in 'getifaddrs': %d (%s)\n", ++ errno, strerror (errno)); ++ exit (1); ++ } ++ ++ while (ifaddrs_ptr) ++ { ++ if (ifaddrs_ptr->ifa_addr->sa_family == AF_INET) ++ { ++ strncpy (iface, ifaddrs_ptr->ifa_name, sizeof (iface)); ++ iface[MAX_IFACE_NAME_LEN - 1] = '\0'; ++ ++ sockaddr_ptr = ifaddrs_ptr->ifa_dstaddr; ++ addr_ptr = &((struct sockaddr_in *) sockaddr_ptr)->sin_addr; ++ ++ inet_ntop (ifaddrs_ptr->ifa_addr->sa_family, ++ addr_ptr, ++ address, sizeof (address)); ++ ++ endptr = NULL; ++ tmp = strtoul (address, &endptr, 16); ++ myroutes[numroutes].dest = tmp; ++ ++ endptr = NULL; ++ tmp = strtol ("0", &endptr, 10); ++ myroutes[numroutes].metric = tmp; ++ ++ sockaddr_ptr = ifaddrs_ptr->ifa_netmask; ++ addr_ptr = &((struct sockaddr_in *) sockaddr_ptr)->sin_addr; ++ ++ inet_ntop (ifaddrs_ptr->ifa_addr->sa_family, ++ addr_ptr, ++ address, sizeof (address)); ++ ++ endptr = NULL; ++ tmp = strtoul (address, &endptr, 16); ++ myroutes[numroutes].mask = tmp; ++ ++ g_debug("#%d: for dev %s, The dest is %lX and the mask is %lX", ++ numroutes, iface, myroutes[numroutes].dest, ++ myroutes[numroutes].mask); ++ ++ for (i = 0; i < numinterfaces; i++) ++ if (!strcmp (iface, mydevs[i].name)) ++ { ++ myroutes[numroutes].dev = &mydevs[i]; ++ break; ++ } ++ ++ if (i == numinterfaces) ++ g_message ( ++ "Failed to find interface %s", ++ iface); ++ ++ numroutes++; ++ ++ if (numroutes >= MAXROUTES) ++ { ++ g_message ("You seem to have WAY to many routes!"); ++ break; ++ } ++ } ++ ifaddrs_ptr = ifaddrs_ptr->ifa_next; ++ } ++#else + g_message ("Could not read from /proc/net/route"); + return NULL; ++#endif + } + } + else diff --git a/security/openvas/files/patch-nasl_nasl_frame_forgery.c b/security/openvas/files/patch-nasl_nasl_frame_forgery.c new file mode 100644 index 000000000000..51d880b7f29e --- /dev/null +++ b/security/openvas/files/patch-nasl_nasl_frame_forgery.c @@ -0,0 +1,209 @@ +--- nasl/nasl_frame_forgery.c 2022-04-12 18:39:11.965973000 -0500 ++++ nasl/nasl_frame_forgery.c 2022-04-12 22:42:28.026027000 -0500 +@@ -33,12 +33,17 @@ + + #include <errno.h> + #include <gvm/base/networking.h> ++#if defined(linux) + #include <linux/if_packet.h> ++#include <netinet/ether.h> ++#endif + #include <net/ethernet.h> + #include <net/if.h> + #include <net/if_arp.h> +-#include <netinet/ether.h> ++#include <net/if_dl.h> + #include <netinet/if_ether.h> ++#include <netinet/in.h> ++#include <arpa/inet.h> + #include <stdint.h> + #include <stdio.h> + #include <stdlib.h> +@@ -51,6 +56,13 @@ + */ + #define G_LOG_DOMAIN "lib misc" + ++#if defined(__FreeBSD__) ++#define ETH_ALEN ETHER_ADDR_LEN ++#define ETH_P_ARP ETHERTYPE_ARP ++#define ETH_P_ALL 0x0003 ++#define ETH_HLEN ETHER_HDR_LEN ++#endif ++ + struct pseudo_eth_arp + { + struct arphdr arp_header; +@@ -63,7 +75,11 @@ + + struct pseudo_frame + { ++#if defined(__FreeBSD__) ++ struct ether_header framehdr; ++#else + struct ethhdr framehdr; ++#endif + u_char *payload; + } __attribute__ ((packed)); + +@@ -95,7 +111,23 @@ + * @param[in] ifindex The interface index to be use for capturing. + * @param[in] ether_dst_addr The dst MAC address. + */ ++ ++#if defined(__FreeBSD__) + static void ++prepare_sockaddr_ll (struct sockaddr_dl *addr, int ifindex, ++ const u_char *ether_dst_addr) ++{ ++ struct sockaddr_dl *sdl = (struct sockaddr_dl *)addr; ++ ++ sdl->sdl_family = AF_LINK; ++ sdl->sdl_index = ifindex; ++ sdl->sdl_alen = ETHER_ADDR_LEN; ++ sdl->sdl_type = htons (ETH_P_ALL); ++ ++ memcpy (sdl->sdl_data + sdl->sdl_nlen, ether_dst_addr, ETHER_ADDR_LEN); ++} ++#else ++static void + prepare_sockaddr_ll (struct sockaddr_ll *soc_addr_ll, int ifindex, + const u_char *ether_dst_addr) + { +@@ -105,6 +137,7 @@ + soc_addr_ll->sll_protocol = htons (ETH_P_ALL); + memcpy (soc_addr_ll->sll_addr, ether_dst_addr, ETHER_ADDR_LEN); + } ++#endif + + /** @brief Prepare message header to be sent with sendmsg(). + * +@@ -113,6 +146,7 @@ + * @param[in] payload The payload, a datalink layer frame with payload + * @param[in] payload_sz The payload size. + */ ++#if !defined(__FreeBSD__) + static void + prepare_message (u_char *msg, struct sockaddr_ll *soc_addr_ll, u_char *payload, + int payload_sz) +@@ -135,7 +169,31 @@ + memcpy (msg, (u_char *) message, sizeof (struct msghdr) + payload_sz); + g_free (message); + } ++#else ++static void ++prepare_message (u_char *msg, struct sockaddr_dl *soc_addr_dl, u_char *payload, ++ int payload_sz) ++{ ++ struct iovec iov; ++ struct msghdr *message; + ++ iov.iov_base = payload; ++ iov.iov_len = payload_sz; ++ ++ message = g_malloc0 (sizeof (struct msghdr) + payload_sz); ++ ++ message->msg_name = soc_addr_dl; ++ message->msg_namelen = sizeof (struct sockaddr_dl); ++ message->msg_iov = &iov; ++ message->msg_iovlen = 1; ++ message->msg_control = 0; ++ message->msg_controllen = 0; ++ ++ memcpy (msg, (u_char *) message, sizeof (struct msghdr) + payload_sz); ++ g_free (message); ++} ++#endif ++ + /** @brief Send a frame and listen to the answer + * + * @param[in]frame The frame to be sent. +@@ -163,7 +221,11 @@ + int answer_sz = -1; + + // Create the raw socket ++#if defined(__FreeBSD__) ++ soc = socket (AF_INET, SOCK_RAW, htons (ETH_P_ALL)); ++#else + soc = socket (AF_PACKET, SOCK_RAW, htons (ETH_P_ALL)); ++#endif + if (soc == -1) + { + g_debug ("%s: %s", __func__, strerror (errno)); +@@ -181,8 +243,12 @@ + u_char dst_haddr[ETHER_ADDR_LEN]; + memcpy (&dst_haddr, (struct pseudo_frame *) frame, ETHER_ADDR_LEN); + ++#if defined(__FreeBSD__) ++ struct sockaddr_dl soc_addr; ++#else + struct sockaddr_ll soc_addr; +- memset (&soc_addr, '\0', sizeof (struct sockaddr_ll)); ++#endif ++ memset (&soc_addr, '\0', sizeof (struct sockaddr_dl)); + prepare_sockaddr_ll (&soc_addr, ifindex, dst_haddr); + + /* Init capture */ +@@ -193,7 +259,7 @@ + struct in_addr sin, this_host; + memset (&sin, '\0', sizeof (struct in_addr)); + memset (&this_host, '\0', sizeof (struct in_addr)); +- sin.s_addr = ipaddr->s6_addr32[3]; ++ sin.s_addr = ipaddr->s6_addr[12]; + bpf = init_capture_device (sin, this_host, filter); + } + else +@@ -249,10 +315,15 @@ + + *frame = (struct pseudo_frame *) g_malloc0 (sizeof (struct pseudo_frame) + + payload_sz); +- ++#if defined(__FreeBSD__) ++ memcpy ((*frame)->framehdr.ether_dhost, ether_dst_addr, ETHER_ADDR_LEN); ++ memcpy ((*frame)->framehdr.ether_shost, ether_src_addr, ETHER_ADDR_LEN); ++ (*frame)->framehdr.ether_type = htons (ether_proto); ++#else + memcpy ((*frame)->framehdr.h_dest, ether_dst_addr, ETHER_ADDR_LEN); + memcpy ((*frame)->framehdr.h_source, ether_src_addr, ETHER_ADDR_LEN); + (*frame)->framehdr.h_proto = htons (ether_proto); ++#endif + (*frame)->payload = payload; + + frame_sz = ETH_HLEN + payload_sz; +@@ -416,21 +487,24 @@ + strncpy (ifr.ifr_name, if_name, sizeof (ifr.ifr_name) - 1); + g_free (if_name); + ifr.ifr_name[sizeof (ifr.ifr_name) - 1] = '\0'; +- ++#if defined(__FreeBSD__) ++ sock = socket(AF_INET, SOCK_DGRAM, 0); ++#else + sock = socket (PF_INET, SOCK_STREAM, 0); ++#endif + if (-1 == sock) + { + perror ("socket() "); + return -1; + } + +- if (-1 == ioctl (sock, SIOCGIFHWADDR, &ifr)) ++ if (-1 == ioctl (sock, SIOCGIFCONF, &ifr)) + { +- g_debug ("%s: ioctl(SIOCGIFHWADDR)", __func__); ++ g_debug ("%s: ioctl(SIOCGIFCONF)", __func__); + return -1; + } + +- memcpy (mac, (u_char *) ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN); ++ memcpy (mac, (u_char *) ifr.ifr_data, ETHER_ADDR_LEN); + close (sock); + + return 0; +@@ -504,7 +578,7 @@ + return retc; + + memset (&dst_inaddr, '\0', sizeof (struct in_addr)); +- dst_inaddr.s_addr = dst->s6_addr32[3]; ++ dst_inaddr.s_addr = dst->s6_addr[12]; + routethrough (&dst_inaddr, &src_inaddr); + ipv4_as_ipv6 (&src_inaddr, &src); + diff --git a/security/openvas/files/patch-nasl_nasl_packet_forgery.c b/security/openvas/files/patch-nasl_nasl_packet_forgery.c index af75a2f6e87e..4f4a8aecfee2 100644 --- a/security/openvas/files/patch-nasl_nasl_packet_forgery.c +++ b/security/openvas/files/patch-nasl_nasl_packet_forgery.c @@ -1,5 +1,5 @@ ---- nasl/nasl_packet_forgery.c 2021-04-15 09:39:00.000000000 -0500 -+++ nasl/nasl_packet_forgery.c 2021-06-14 20:22:38.283404000 -0500 +--- nasl/nasl_packet_forgery.c 2022-02-22 05:32:53.000000000 -0500 ++++ nasl/nasl_packet_forgery.c 2022-05-20 22:17:07.796127000 -0500 @@ -33,6 +33,12 @@ #include "nasl_tree.h" #include "nasl_var.h" @@ -25,16 +25,64 @@ /*--------------[ cksum ]-----------------------------------------*/ /* -@@ -163,7 +174,7 @@ - if (s != NULL) - inet_aton (s, &pkt->ip_dst); +@@ -119,6 +130,7 @@ + struct in6_addr *dst_addr; + char *data; + int data_len; ++ struct in_addr tmp_src, tmp_dst; + + dst_addr = plug_get_host_ip (script_infos); + +@@ -153,17 +165,21 @@ + pkt->ip_sum = htons (get_int_var_by_name (lexic, "ip_sum", 0)); + /* source */ + s = get_str_var_by_name (lexic, "ip_src"); +- if (s != NULL) +- inet_aton (s, &pkt->ip_src); ++ if (s != NULL) { ++ inet_aton (s, &tmp_src); ++ pkt->ip_src = tmp_src; ++ } + /* else this host address? */ + + /* I know that this feature looks dangerous, but anybody can edit an IP + * packet with the string functions */ + s = get_str_var_by_name (lexic, "ip_dst"); +- if (s != NULL) +- inet_aton (s, &pkt->ip_dst); ++ if (s != NULL) { ++ inet_aton (s, &tmp_dst); ++ pkt->ip_dst = tmp_dst; ++ } else - pkt->ip_dst.s_addr = dst_addr->s6_addr32[3]; + memcpy(&pkt->ip_dst.s_addr, &dst_addr->s6_addr[12], 4); if (data != NULL) { -@@ -2086,7 +2097,7 @@ +@@ -314,6 +330,7 @@ + int size = get_var_size_by_name (lexic, "ip"); + tree_cell *retc; + struct ip *pkt; ++ struct in_addr tmp_src; + char *s; + + if (o_pkt == NULL) +@@ -337,9 +354,10 @@ + pkt->ip_p = get_int_var_by_name (lexic, "ip_p", pkt->ip_p); + + s = get_str_var_by_name (lexic, "ip_src"); +- if (s != NULL) +- inet_aton (s, &pkt->ip_src); +- ++ if (s != NULL) { ++ inet_aton (s, &tmp_src); ++ pkt->ip_src = tmp_src; ++ } + pkt->ip_sum = htons (get_int_var_by_name (lexic, "ip_sum", 0)); + if (pkt->ip_sum == 0) + pkt->ip_sum = np_in_cksum ((u_short *) pkt, sizeof (struct ip)); +@@ -2088,7 +2106,7 @@ if (dst == NULL || (IN6_IS_ADDR_V4MAPPED (dst) != 1)) return NULL; @@ -43,7 +91,7 @@ for (i = 0; i < sizeof (sports) / sizeof (int); i++) { if (sports[i] == 0) -@@ -2104,7 +2115,7 @@ +@@ -2106,7 +2124,7 @@ port = plug_get_host_open_port (script_infos); if (islocalhost (&inaddr) > 0) @@ -52,7 +100,13 @@ else { bzero (&src, sizeof (src)); -@@ -2229,7 +2240,7 @@ +@@ -2226,12 +2244,12 @@ + int opt_on = 1; + struct script_infos *script_infos = lexic->script_infos; + struct in6_addr *dstip = plug_get_host_ip (script_infos); +- struct in_addr inaddr; ++ struct in_addr inaddr, tmp_dst; + int allow_broadcast = 0; if (dstip == NULL || (IN6_IS_ADDR_V4MAPPED (dstip) != 1)) return NULL; @@ -61,7 +115,17 @@ soc = socket (AF_INET, SOCK_RAW, IPPROTO_RAW); if (soc < 0) return NULL; -@@ -2369,7 +2380,7 @@ +@@ -2302,7 +2320,8 @@ + /* if(b < 0) perror("sendto "); */ + if (b >= 0 && use_pcap != 0 && bpf >= 0) + { +- if (islocalhost (&sip->ip_dst)) ++ tmp_dst = sip->ip_dst; ++ if (islocalhost (&tmp_dst)) + { + answer = (u_char *) capture_next_packet (bpf, to, &answer_sz); + while (answer != NULL +@@ -2371,7 +2390,7 @@ { struct in_addr src; bzero (&src, sizeof (src)); @@ -70,7 +134,7 @@ interface = routethrough (&inaddr, &src); } else -@@ -2518,7 +2529,7 @@ +@@ -2520,7 +2539,7 @@ { struct in_addr src; bzero (&src, sizeof (src)); diff --git a/security/openvas/files/patch-nasl_nasl_packet_forgery_v6.c b/security/openvas/files/patch-nasl_nasl_packet_forgery_v6.c index 3cce52f14fe2..e888f9a358c6 100644 --- a/security/openvas/files/patch-nasl_nasl_packet_forgery_v6.c +++ b/security/openvas/files/patch-nasl_nasl_packet_forgery_v6.c @@ -1,5 +1,5 @@ ---- nasl/nasl_packet_forgery_v6.c 2021-04-15 09:39:00.000000000 -0500 -+++ nasl/nasl_packet_forgery_v6.c 2021-06-14 20:22:58.395635000 -0500 +--- nasl/nasl_packet_forgery_v6.c 2022-02-22 05:32:53.000000000 -0500 ++++ nasl/nasl_packet_forgery_v6.c 2022-05-20 22:22:40.261563000 -0500 @@ -36,6 +36,8 @@ * 09/02/2010 Preeti Subramanian <spreeti@secpod.com> */ @@ -19,15 +19,34 @@ #endif #include "../misc/bpf_share.h" /* for bpf_open_live */ -@@ -73,6 +76,11 @@ - #else - #define FIX(n) htons (n) +@@ -75,6 +78,11 @@ #define UNFIX(n) ntohs (n) -+#endif -+ + #endif + +#ifdef __FreeBSD__ +#define TCP_MSS_DEFAULT TCP6_MSS +#define TCP_MSS_DESIRED TCP6_MSS - #endif - ++#endif ++ /*--------------[ cksum ]-----------------------------------------*/ + + /* +@@ -2347,6 +2355,7 @@ + int dfl_len = get_int_var_by_name (lexic, "length", -1); + struct script_infos *script_infos = lexic->script_infos; + struct in6_addr *dstip = plug_get_host_ip (script_infos); ++ struct in6_addr tmp6_dst; + int opt_on = 1; + char name[INET6_ADDRSTRLEN]; + int allow_multicast = 0; +@@ -2430,7 +2439,9 @@ + /* if(b < 0) perror("sendto "); */ + if (b >= 0 && use_pcap != 0 && bpf >= 0) + { +- if (v6_islocalhost (&sip->ip6_dst)) ++ tmp6_dst = sip->ip6_dst; ++ ++ if (v6_islocalhost (&tmp6_dst)) + { + answer = (u_char *) capture_next_v6_packet (bpf, to, &answer_sz); + while ( diff --git a/security/openvas/files/patch-src_sighand.c b/security/openvas/files/patch-src_sighand.c new file mode 100644 index 000000000000..724185542aa7 --- /dev/null +++ b/security/openvas/files/patch-src_sighand.c @@ -0,0 +1,11 @@ +--- src/sighand.c 2022-05-19 23:34:53.324417000 -0500 ++++ src/sighand.c 2022-05-19 23:35:02.138680000 -0500 +@@ -119,7 +119,7 @@ + strings = backtrace_symbols (array, ret); + g_warning ("%s", message); + +- for (left = 0; left < 10; left++) ++ for (left = 0; left < ret; left++) + g_warning ("%s\n", strings[left]); + + g_free (strings); diff --git a/security/openvas/pkg-plist b/security/openvas/pkg-plist index 369e20d94341..26895d331121 100644 --- a/security/openvas/pkg-plist +++ b/security/openvas/pkg-plist @@ -4,10 +4,10 @@ bin/openvas-nasl-lint @sample %%ETCDIR%%/openvas_log.conf.sample lib/libopenvas_misc.so lib/libopenvas_misc.so.21 -lib/libopenvas_misc.so.21.4.3 +lib/libopenvas_misc.so.21.4.4 lib/libopenvas_nasl.so lib/libopenvas_nasl.so.21 -lib/libopenvas_nasl.so.21.4.3 +lib/libopenvas_nasl.so.21.4.4 sbin/openvas share/man/man1/openvas-nasl-lint.1.gz share/man/man1/openvas-nasl.1.gz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202205220544.24M5iWnG005601>