diff --git a/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch b/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch index 659b7d1b78e070eafbc9373d34d5e42bb29a6365..f1f4ce55b339a8dfe8896f2a8e0b7041d93ac4e2 100644 --- a/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch +++ b/backport-0009-Change-n-flag-to-nn-in-TESTonce.patch @@ -1,13 +1,13 @@ diff --git a/tests/TESTrun b/tests/TESTrun -index b423627..aa3c97d 100755 +index 0a1a255..9286ff7 100755 --- a/tests/TESTrun +++ b/tests/TESTrun -@@ -102,7 +102,7 @@ sub runtest { - # - # Furthermore, on Windows, fc can't read the standard input, so we - # can't do it as a pipeline in any case. -- $r = system "$TCPDUMP -# -n -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}"; -+ $r = system "$TCPDUMP -# -nn -r $input $options >tests/NEW/${outputbase} 2>${rawstderrlog}"; +@@ -116,7 +116,7 @@ sub runtest { + # No specific time option, use -tttt + $options .= " -tttt"; + } +- $r = system "$TCPDUMP -# -n -r $input $options >${newdir}/${outputbase} 2>${rawstderrlog}"; ++ $r = system "$TCPDUMP -# -nn -r $input $options >${newdir}/${outputbase} 2>${rawstderrlog}"; + if($r != 0) { # - # Something other than "tcpdump opened the file, read it, and diff --git a/backport-0010-Fix-a-not-defined-macro-error.patch b/backport-0010-Fix-a-not-defined-macro-error.patch deleted file mode 100644 index fa0282fa530e1e5d73414ae7fafb7d4e4db77340..0000000000000000000000000000000000000000 --- a/backport-0010-Fix-a-not-defined-macro-error.patch +++ /dev/null @@ -1,31 +0,0 @@ -From bfc96b04831641376636337406aae7fe0fe65081 Mon Sep 17 00:00:00 2001 -From: Francois-Xavier Le Bail -Date: Wed, 6 Mar 2024 21:11:42 +0100 -Subject: [PATCH] Capsicum support: Fix a 'not defined' macro error - -The error was: -In file included from ./tcpdump.c:158: -./interface.h:62:32: error: "HAVE_CAPSICUM" is not defined, evaluates -to 0 [-Werror=undef] - 62 | (defined(HAVE_BPF_DUMP) && HAVE_CAPSICUM && !defined(bpf_dump)) - | ^~~~~~~~~~~~~ - -Conflict: NA -Reference: https://github.com/the-tcpdump-group/tcpdump/commit/bfc96b04831641376636337406aae7fe0fe65081 ---- - interface.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/interface.h b/interface.h -index b129312ab..0e35b7800 100644 ---- a/interface.h -+++ b/interface.h -@@ -59,7 +59,7 @@ struct bpf_program; - * With Capsicum bpf_dump() may be not declared even if HAVE_BPF_DUMP is set. - */ - #if !defined(HAVE_BPF_DUMP) || \ -- (defined(HAVE_BPF_DUMP) && HAVE_CAPSICUM && !defined(bpf_dump)) -+ (defined(HAVE_BPF_DUMP) && defined(HAVE_CAPSICUM) && !defined(bpf_dump)) - extern void bpf_dump(const struct bpf_program *, int); - - #endif diff --git a/backport-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch b/backport-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch new file mode 100644 index 0000000000000000000000000000000000000000..6ba8b990c7c03b4d87a2448704d08ae62c6c1842 --- /dev/null +++ b/backport-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch @@ -0,0 +1,48 @@ +From 09b0447fad52298440e05e7368f9d24492d0b0fe Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Tue, 22 Aug 2023 12:23:20 -0700 +Subject: [PATCH] pgm: don't advance bp by the option haeder length twice. + +At those points, we've already advanced it by the option header length, +and opt_len includes that length, so advance bp by opt_len minus the +option header length. + +Fixes #1024. + +Conflict: NA +Reference: https://github.com/the-tcpdump-group/tcpdump/commit/09b0447fad52298440e05e7368f9d24492d0b0fe +--- + print-pgm.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/print-pgm.c b/print-pgm.c +index d4536ce1f..c62fd03e2 100644 +--- a/print-pgm.c ++++ b/print-pgm.c +@@ -674,7 +674,7 @@ pgm_print(netdissect_options *ndo, + + case PGM_OPT_PATH_NLA: + ND_PRINT(" PATH_NLA [%u]", opt_len); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + +@@ -716,7 +716,7 @@ pgm_print(netdissect_options *ndo, + + case PGM_OPT_CR: + ND_PRINT(" CR"); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + +@@ -820,7 +820,7 @@ pgm_print(netdissect_options *ndo, + + default: + ND_PRINT(" OPT_%02X [%u] ", opt_type, opt_len); +- bp += opt_len; ++ bp += opt_len - 2; + opts_len -= opt_len; + break; + } diff --git a/backport-pgm-fix-the-way-we-step-through-the-packet.patch b/backport-pgm-fix-the-way-we-step-through-the-packet.patch new file mode 100644 index 0000000000000000000000000000000000000000..23607decc672ea0d9170dbe12819c40fa0acdadd --- /dev/null +++ b/backport-pgm-fix-the-way-we-step-through-the-packet.patch @@ -0,0 +1,152 @@ +From 9a3eebde95cf1032ac68ae4312e2db14bb1fe58d Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Mon, 21 Aug 2023 23:15:14 -0700 +Subject: [PATCH] pgm: fix the way we step through the packet. + +Step past the PGM header after we finish processing it and before we +process the message-type-specific header. + +Step past the message-type-specific fixed-length header before we +process the stuff after that header. + +This makes the code a bit clearer (by explicitly advancing bp by the +size of the stuff we just processed, rather than doing so by trickery +involving adding 1 to a pointer to a structure), and fixes the +processing of message types that don't have a message-type-specific +header (where we weren't stepping past the PGM header). It also affects +the way we handle messages of an unknown type. + +Conflict: context adapt +Reference: https://github.com/the-tcpdump-group/tcpdump/commit/9a3eebde95cf1032ac68ae4312e2db14bb1fe58d +--- + print-pgm.c | 29 +++++++++++++++-------------- + tests/pgm_opts_asan.out | 2 +- + tests/pgm_opts_asan_2.out | 2 +- + tests/pgm_opts_asan_3.out | 2 +- + 4 files changed, 18 insertions(+), 17 deletions(-) + +diff --git a/print-pgm.c b/print-pgm.c +index 3b063ba76..c1c56932a 100644 +--- a/print-pgm.c ++++ b/print-pgm.c +@@ -220,13 +220,14 @@ pgm_print(netdissect_options *ndo, + pgm->pgm_gsid[3], + pgm->pgm_gsid[4], + pgm->pgm_gsid[5]); ++ bp += sizeof(struct pgm_header); + switch (pgm_type_val) { + case PGM_SPM: { + const struct pgm_spm *spm; + +- spm = (const struct pgm_spm *)(pgm + 1); ++ spm = (const struct pgm_spm *)bp; + ND_TCHECK_SIZE(spm); +- bp = (const u_char *) (spm + 1); ++ bp += sizeof(struct pgm_spm); + + switch (GET_BE_U_2(spm->pgms_nla_afi)) { + case AFNUM_INET: +@@ -256,9 +257,9 @@ pgm_print(netdissect_options *ndo, + const struct pgm_poll *pgm_poll; + uint32_t ivl, rnd, mask; + +- pgm_poll = (const struct pgm_poll *)(pgm + 1); ++ pgm_poll = (const struct pgm_poll *)bp; + ND_TCHECK_SIZE(pgm_poll); +- bp = (const u_char *) (pgm_poll + 1); ++ bp += sizeof(struct pgm_poll); + + switch (GET_BE_U_2(pgm_poll->pgmp_nla_afi)) { + case AFNUM_INET: +@@ -294,35 +295,35 @@ pgm_print(netdissect_options *ndo, + case PGM_POLR: { + const struct pgm_polr *polr_msg; + +- polr_msg = (const struct pgm_polr *)(pgm + 1); ++ polr_msg = (const struct pgm_polr *)bp; + ND_TCHECK_SIZE(polr_msg); + ND_PRINT("POLR seq %u round %u", + GET_BE_U_4(polr_msg->pgmp_seq), + GET_BE_U_2(polr_msg->pgmp_round)); +- bp = (const u_char *) (polr_msg + 1); ++ bp += sizeof(struct pgm_polr); + break; + } + case PGM_ODATA: { + const struct pgm_data *odata; + +- odata = (const struct pgm_data *)(pgm + 1); ++ odata = (const struct pgm_data *)bp; + ND_TCHECK_SIZE(odata); + ND_PRINT("ODATA trail %u seq %u", + GET_BE_U_4(odata->pgmd_trailseq), + GET_BE_U_4(odata->pgmd_seq)); +- bp = (const u_char *) (odata + 1); ++ bp += sizeof(struct pgm_data); + break; + } + + case PGM_RDATA: { + const struct pgm_data *rdata; + +- rdata = (const struct pgm_data *)(pgm + 1); ++ rdata = (const struct pgm_data *)bp; + ND_TCHECK_SIZE(rdata); + ND_PRINT("RDATA trail %u seq %u", + GET_BE_U_4(rdata->pgmd_trailseq), + GET_BE_U_4(rdata->pgmd_seq)); +- bp = (const u_char *) (rdata + 1); ++ bp += sizeof(struct pgm_data); + break; + } + +@@ -330,9 +331,9 @@ pgm_print(netdissect_options *ndo, + const struct pgm_nak *nak; + char source_buf[INET6_ADDRSTRLEN], group_buf[INET6_ADDRSTRLEN]; + +- nak = (const struct pgm_nak *)(pgm + 1); ++ nak = (const struct pgm_nak *)bp; + ND_TCHECK_SIZE(nak); +- bp = (const u_char *) (nak + 1); ++ bp += sizeof(struct pgm_nak); + + /* + * Skip past the source, saving info along the way +@@ -399,11 +400,11 @@ pgm_print(netdissect_options *ndo, + case PGM_ACK: { + const struct pgm_ack *ack; + +- ack = (const struct pgm_ack *)(pgm + 1); ++ ack = (const struct pgm_ack *)bp; + ND_TCHECK_SIZE(ack); + ND_PRINT("ACK seq %u", + GET_BE_U_4(ack->pgma_rx_max_seq)); +- bp = (const u_char *) (ack + 1); ++ bp += sizeof(struct pgm_ack); + break; + } + +diff --git a/tests/pgm_opts_asan.out b/tests/pgm_opts_asan.out +index 6cc9b0651..7527bda3b 100644 +--- a/tests/pgm_opts_asan.out ++++ b/tests/pgm_opts_asan.out +@@ -1,2 +1,2 @@ + 1 2014-05-12 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->9eb9)!) +- 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] PATH_NLA [4] [|pgm] ++ 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] +diff --git a/tests/pgm_opts_asan_2.out b/tests/pgm_opts_asan_2.out +index 1785a571c..53830c857 100644 +--- a/tests/pgm_opts_asan_2.out ++++ b/tests/pgm_opts_asan_2.out +@@ -1,2 +1,2 @@ + 1 2014-05-12 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->96b9)!) +- 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] [Bad OPT_PGMCC_DATA option, length 4 < 12] ++ 128.121.89.107 > 89.89.16.63: 128.121.89.107.4 > 89.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] +diff --git a/tests/pgm_opts_asan_3.out b/tests/pgm_opts_asan_3.out +index 2e35f2fa3..b8864e296 100644 +--- a/tests/pgm_opts_asan_3.out ++++ b/tests/pgm_opts_asan_3.out +@@ -1,2 +1,2 @@ + 1 2014-05-12 00:04:16.587271427 IP (tos 0x41,ECT(1), id 0, offset 0, flags [none], proto PGM (113), length 32639, options (unknown 89 [bad length 232]), bad cksum 5959 (->f814)!) +- 128.121.89.16 > 0.89.16.63: 128.121.89.16.4 > 0.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f OPTS LEN 225 OPT_1F [13] OPT_06 [26] [Bad OPT_REDIRECT option, length 4 < 8] ++ 128.121.89.16 > 0.89.16.63: 128.121.89.16.4 > 0.89.16.63.225: PGM, length 0 0x3414eb1f0022 UNKNOWN type 0x1f[Bad OPT_LENGTH option, length 0 != 4] diff --git a/tcpdump-4.99.4.tar.gz b/tcpdump-4.99.4.tar.gz deleted file mode 100644 index b675a08f5a2bde5bfadd21555aa24c59ec4b50d1..0000000000000000000000000000000000000000 Binary files a/tcpdump-4.99.4.tar.gz and /dev/null differ diff --git a/tcpdump-4.99.4.tar.gz.sig b/tcpdump-4.99.4.tar.gz.sig deleted file mode 100644 index 82f5b7f64d5358c1bf392fccc98ccddce9689726..0000000000000000000000000000000000000000 Binary files a/tcpdump-4.99.4.tar.gz.sig and /dev/null differ diff --git a/tcpdump-4.99.5.tar.gz b/tcpdump-4.99.5.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bae68b5f3a864fcb0404a95d59e6f465ad00d82a Binary files /dev/null and b/tcpdump-4.99.5.tar.gz differ diff --git a/tcpdump-4.99.5.tar.gz.sig b/tcpdump-4.99.5.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..fec9fb33ce8d8be1844ddcc703b94b176030d1c8 Binary files /dev/null and b/tcpdump-4.99.5.tar.gz.sig differ diff --git a/tcpdump.spec b/tcpdump.spec index b5b4791894606ae9f565954d13fc01373b383f9d..fd9174344f324e49a290065684cdd50bdc3e80d7 100644 --- a/tcpdump.spec +++ b/tcpdump.spec @@ -1,9 +1,9 @@ -%define tcpslice_dir tcpslice-1.6 +%define tcpslice_dir tcpslice-1.8 Name: tcpdump Epoch: 14 -Version: 4.99.4 -Release: 5 +Version: 4.99.5 +Release: 1 Summary: A network traffic monitoring tool License: BSD-2-Clause AND BSD-3-Clause AND BSD-4-Clause AND BSD-4-Clause-UC AND ISC AND NTP URL: http://www.tcpdump.org @@ -17,7 +17,9 @@ Patch1: backport-0003-Drop-root-priviledges-before-opening-first-savefil Patch2: backport-0007-Introduce-nn-option.patch Patch3: backport-0009-Change-n-flag-to-nn-in-TESTonce.patch Patch4: tcpdump-Add-sw64-architecture.patch -Patch5: backport-0010-Fix-a-not-defined-macro-error.patch +Patch5: backport-pgm-fix-the-way-we-step-through-the-packet.patch +Patch6: backport-pgm-don-t-advance-bp-by-the-option-haeder-length-twi.patch + Requires(pre): shadow-utils BuildRequires: automake openssl-devel libpcap-devel git-core gcc make @@ -40,11 +42,12 @@ Man pages and other related help documents for tcpdump. %autosetup -a 1 -S git %build -export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing" +export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing -DGUESS_TSO" pushd %{tcpslice_dir} # update config.{guess,sub} automake -a -f 2> /dev/null || : +./autogen.sh %configure make %{?_smp_mflags} popd @@ -108,6 +111,12 @@ make check %{_mandir}/man8/tcpdump.8* %changelog +* Thu Feb 20 2025 xinghe - 14:4.99.5-1 +- Type:requirements +- ID:NA +- SUG:NA +- DESC:update tcpdump to 4.99.5 + * Wed Jul 17 2024 tangkuigang - 14:4.99.4-5 - Type:bugfix - CVE:NA diff --git a/tcpslice-1.6.tar.gz b/tcpslice-1.6.tar.gz deleted file mode 100644 index 6c8fde6438e07e7e4f811990c32fd745be8d12f7..0000000000000000000000000000000000000000 Binary files a/tcpslice-1.6.tar.gz and /dev/null differ diff --git a/tcpslice-1.8.tar.gz b/tcpslice-1.8.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..944712e20858d88befbac58a6d6cbfe31ce312a3 Binary files /dev/null and b/tcpslice-1.8.tar.gz differ