1 files changed, 0 insertions, 61 deletions
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
deleted file mode 100644
index 919f2b009c..0000000000
--- a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From c45443a0d3e16b92622bea6b589e5930e8f0d815 Mon Sep 17 00:00:00 2001
-From: Peiran Hong <peiran.hong@windriver.com>
-Date: Fri, 13 Sep 2019 17:02:57 -0400
-Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
---
- netdissect.h | 12 ++++++++++++
- print-aoe.c  |  1 +
- 2 files changed, 13 insertions(+)
-diff --git a/netdissect.h b/netdissect.h
-index 089b0406..cd05fdb9 100644
--- a/netdissect.h
-+++ b/netdissect.h
-@@ -69,6 +69,11 @@ typedef struct {
- typedef unsigned char nd_uint8_t;
- typedef signed char nd_int8_t;
- 
-+/*
-+ * Use this for MAC addresses.
-+ */
-+#define MAC_ADDR_LEN    6               /* length of MAC addresses */
-+
- /* snprintf et al */
- 
- #include <stdarg.h>
-@@ -309,12 +314,19 @@ struct netdissect_options {
-        ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
-          (uintptr_t)&(var) <= (uintptr_t)ndo->ndo_snapend - (l)))
- 
-+#define ND_TTEST_LEN(p, l) \
-+  (IS_NOT_NEGATIVE(l) && \
-+        ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
-+         (uintptr_t)(p) <= (uintptr_t)ndo->ndo_snapend - (l)))
-+
- /* True if "var" was captured */
- #define ND_TTEST(var) ND_TTEST2(var, sizeof(var))
- 
- /* Bail if "l" bytes of "var" were not captured */
- #define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc
- 
-+#define ND_TCHECK_LEN(p, l) if (!ND_TTEST_LEN(p, l)) goto trunc
-+
- /* Bail if "var" was not captured */
- #define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var))
- 
-diff --git a/print-aoe.c b/print-aoe.c
-index 97e93df2..ac097a04 100644
--- a/print-aoe.c
-+++ b/print-aoe.c
-@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
-                goto invalid;
-        /* addresses */
-        for (i = 0; i < nmacs; i++) {
-+               ND_TCHECK_LEN(cp, MAC_ADDR_LEN);
-                ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
-                cp += ETHER_ADDR_LEN;
-        }
-- 
-2.21.0

diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch deleted file mode 100644 index 919f2b009c..0000000000 --- a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch +++ /dev/null
@@ -1,61 +0,0 @@
1	From c45443a0d3e16b92622bea6b589e5930e8f0d815 Mon Sep 17 00:00:00 2001
2	From: Peiran Hong <peiran.hong@windriver.com>
3	Date: Fri, 13 Sep 2019 17:02:57 -0400
4	Subject: [PATCH] CVE-2017-16808/AoE: Add a missing bounds check.
5
6	---
7	netdissect.h \| 12 ++++++++++++
8	print-aoe.c \| 1 +
9	2 files changed, 13 insertions(+)
10
11	diff --git a/netdissect.h b/netdissect.h
12	index 089b0406..cd05fdb9 100644
13	--- a/netdissect.h
14	+++ b/netdissect.h
15	@@ -69,6 +69,11 @@ typedef struct {
16	typedef unsigned char nd_uint8_t;
17	typedef signed char nd_int8_t;
18
19	+/*
20	+ * Use this for MAC addresses.
21	+ */
22	+#define MAC_ADDR_LEN 6 /* length of MAC addresses */
23	+
24	/* snprintf et al */
25
26	#include <stdarg.h>
27	@@ -309,12 +314,19 @@ struct netdissect_options {
28	((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
29	(uintptr_t)&(var) <= (uintptr_t)ndo->ndo_snapend - (l)))
30
31	+#define ND_TTEST_LEN(p, l) \
32	+ (IS_NOT_NEGATIVE(l) && \
33	+ ((uintptr_t)ndo->ndo_snapend - (l) <= (uintptr_t)ndo->ndo_snapend && \
34	+ (uintptr_t)(p) <= (uintptr_t)ndo->ndo_snapend - (l)))
35	+
36	/* True if "var" was captured */
37	#define ND_TTEST(var) ND_TTEST2(var, sizeof(var))
38
39	/* Bail if "l" bytes of "var" were not captured */
40	#define ND_TCHECK2(var, l) if (!ND_TTEST2(var, l)) goto trunc
41
42	+#define ND_TCHECK_LEN(p, l) if (!ND_TTEST_LEN(p, l)) goto trunc
43	+
44	/* Bail if "var" was not captured */
45	#define ND_TCHECK(var) ND_TCHECK2(var, sizeof(var))
46
47	diff --git a/print-aoe.c b/print-aoe.c
48	index 97e93df2..ac097a04 100644
49	--- a/print-aoe.c
50	+++ b/print-aoe.c
51	@@ -325,6 +325,7 @@ aoev1_reserve_print(netdissect_options *ndo,
52	goto invalid;
53	/* addresses */
54	for (i = 0; i < nmacs; i++) {
55	+ ND_TCHECK_LEN(cp, MAC_ADDR_LEN);
56	ND_PRINT((ndo, "\n\tEthernet Address %u: %s", i, etheraddr_string(ndo, cp)));
57	cp += ETHER_ADDR_LEN;
58	}
59	--
60	2.21.0
61