Update to 0.21, fixes a format string vulnerability:
http://www.atstake.com/research/advisories/2003/a080703-2.txt Not exploitable as it is not installed setuid root. from MAINTAINER.
This commit is contained in:
parent
4995d1d1a5
commit
dd7a4aa7aa
@ -1,8 +1,8 @@
|
||||
# $OpenBSD: Makefile,v 1.10 2002/10/17 15:37:41 naddy Exp $
|
||||
# $OpenBSD: Makefile,v 1.11 2003/08/12 00:59:46 jolan Exp $
|
||||
|
||||
COMMENT= "tool for capturing data from TCP connections"
|
||||
|
||||
DISTNAME= tcpflow-0.20
|
||||
DISTNAME= tcpflow-0.21
|
||||
CATEGORIES= net
|
||||
MASTER_SITES= ftp://ftp.circlemud.org/pub/jelson/tcpflow/
|
||||
|
||||
|
@ -1,3 +1,3 @@
|
||||
MD5 (tcpflow-0.20.tar.gz) = cce28bfb13fa7a9eea17af9ff50b6580
|
||||
RMD160 (tcpflow-0.20.tar.gz) = ca0b92dfb8b6b0a32cf087f007df62c48d3d5d7a
|
||||
SHA1 (tcpflow-0.20.tar.gz) = 833d369e36828fa132106df93c604cc1c42c23c7
|
||||
MD5 (tcpflow-0.21.tar.gz) = 45a5aef6f043312315b7f342afc4a9c5
|
||||
RMD160 (tcpflow-0.21.tar.gz) = 250ed27f1a49f4eda4b274857c11762be8261209
|
||||
SHA1 (tcpflow-0.21.tar.gz) = 08eeb8532e1f713db2587580d759ebad813a0b49
|
||||
|
@ -1,6 +1,6 @@
|
||||
$OpenBSD: patch-tcpflow_1_in,v 1.2 2002/10/17 15:37:41 naddy Exp $
|
||||
--- tcpflow.1.in.orig Wed Oct 16 20:37:43 2002
|
||||
+++ tcpflow.1.in Wed Oct 16 20:41:41 2002
|
||||
$OpenBSD: patch-doc_tcpflow_1_in,v 1.1 2003/08/12 00:59:47 jolan Exp $
|
||||
--- doc/tcpflow.1.in.orig Mon Feb 26 15:01:30 2001
|
||||
+++ doc/tcpflow.1.in Mon Aug 11 11:07:02 2003
|
||||
@@ -32,7 +32,7 @@ tcpflow \- TCP flow recorder
|
||||
is a program that captures data transmitted as part of TCP connections
|
||||
(flows), and stores the data in a way that is convenient for protocol
|
@ -1,7 +1,7 @@
|
||||
$OpenBSD: patch-main_c,v 1.3 2002/10/17 15:37:41 naddy Exp $
|
||||
--- main.c.orig Wed Oct 16 20:38:45 2002
|
||||
+++ main.c Wed Oct 16 20:38:59 2002
|
||||
@@ -66,7 +66,7 @@ void print_usage(char *progname)
|
||||
$OpenBSD: patch-src_main_c,v 1.1 2003/08/12 00:59:47 jolan Exp $
|
||||
--- src/main.c.orig Thu Aug 7 00:35:24 2003
|
||||
+++ src/main.c Mon Aug 11 11:04:03 2003
|
||||
@@ -80,7 +80,7 @@ void print_usage(char *progname)
|
||||
fprintf(stderr, "%s version %s by Jeremy Elson <jelson@circlemud.org>\n\n",
|
||||
PACKAGE, VERSION);
|
||||
fprintf(stderr, "usage: %s [-chpsv] [-b max_bytes] [-d debug_level] [-f max_fds]\n", progname);
|
21
net/tcpflow/patches/patch-src_util_c
Normal file
21
net/tcpflow/patches/patch-src_util_c
Normal file
@ -0,0 +1,21 @@
|
||||
$OpenBSD: patch-src_util_c,v 1.1 2003/08/12 00:59:47 jolan Exp $
|
||||
--- src/util.c.orig Wed Aug 8 12:39:40 2001
|
||||
+++ src/util.c Mon Aug 11 11:06:15 2003
|
||||
@@ -65,7 +65,7 @@ void *check_malloc(size_t size)
|
||||
void init_debug(char *argv[])
|
||||
{
|
||||
debug_prefix = MALLOC(char, strlen(argv[0]) + 16);
|
||||
- sprintf(debug_prefix, "%s[%d]", argv[0], (int) getpid());
|
||||
+ snprintf(debug_prefix, (strlen(argv[0]) +16), "%s[%d]", argv[0], (int) getpid());
|
||||
}
|
||||
|
||||
|
||||
@@ -144,7 +144,7 @@ char *flow_filename(flow_t flow)
|
||||
|
||||
ring_pos = (ring_pos + 1) % RING_SIZE;
|
||||
|
||||
- sprintf(ring_buffer[ring_pos],
|
||||
+ snprintf(ring_buffer[ring_pos], sizeof(ring_buffer[ring_pos]),
|
||||
"%03d.%03d.%03d.%03d.%05d-%03d.%03d.%03d.%03d.%05d",
|
||||
(u_int8_t) ((flow.src & 0xff000000) >> 24),
|
||||
(u_int8_t) ((flow.src & 0x00ff0000) >> 16),
|
@ -1,12 +0,0 @@
|
||||
$OpenBSD: patch-util_c,v 1.1 2002/10/17 15:37:41 naddy Exp $
|
||||
--- util.c.orig Wed Oct 16 22:02:06 2002
|
||||
+++ util.c Wed Oct 16 22:02:34 2002
|
||||
@@ -133,7 +133,7 @@ char *flow_filename(flow_t flow)
|
||||
|
||||
ring_pos = (ring_pos + 1) % RING_SIZE;
|
||||
|
||||
- sprintf(ring_buffer[ring_pos],
|
||||
+ snprintf(ring_buffer[ring_pos], sizeof(ring_buffer[ring_pos]),
|
||||
"%03d.%03d.%03d.%03d.%05d-%03d.%03d.%03d.%03d.%05d",
|
||||
(u_int8_t) ((flow.src & 0xff000000) >> 24),
|
||||
(u_int8_t) ((flow.src & 0x00ff0000) >> 16),
|
@ -10,5 +10,3 @@ tcpflow understands sequence numbers and will correctly reconstruct
|
||||
data streams regardless of retransmissions or out-of-order delivery.
|
||||
However, it currently does not understand IP fragments; flows
|
||||
containing IP fragments will not be recorded properly.
|
||||
|
||||
WWW: ${HOMEPAGE}
|
||||
|
@ -1,3 +1,3 @@
|
||||
@comment $OpenBSD: PLIST,v 1.2 2000/10/06 01:41:14 kevlo Exp $
|
||||
@comment $OpenBSD: PLIST,v 1.3 2003/08/12 00:59:47 jolan Exp $
|
||||
bin/tcpflow
|
||||
man/man1/tcpflow.1
|
||||
|
Loading…
Reference in New Issue
Block a user