authorHannu Nyman <hannu.nyman@iki.fi>2017-04-20 18:52:08 +0300
committerHannu Nyman <hannu.nyman@iki.fi>2017-04-20 18:52:08 +0300
commitb7ae80dc692d5ee103c7f0324585e2d01dec1cb9 (patch)
tree4d2b4c3071dd6f43ecf8f55e3eed3a5eb4e520ae /utils
parent6a50d4754e22bc7885e8bf543f5ebecaa9f649b5 (diff)
collectd: upstream fix for vulnerability in network plugin
Import an upstream fix for a DDoS vulnerability in the network plugin (CVE-2017-7401). Refresh patches. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Diffstat (limited to 'utils')
-rw-r--r--utils/collectd/Makefile2
-rw-r--r--utils/collectd/patches/050-upstream-fix-for-network-plugin-ddos.patch50
-rw-r--r--utils/collectd/patches/700-disable-sys-capability-check.patch2
-rw-r--r--utils/collectd/patches/900-add-iwinfo-plugin.patch8
4 files changed, 56 insertions, 6 deletions
diff --git a/utils/collectd/Makefile b/utils/collectd/Makefile
index e5e625e88..6ccf792f5 100644
--- a/utils/collectd/Makefile
+++ b/utils/collectd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=collectd
PKG_VERSION:=5.7.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://collectd.org/files/ \
diff --git a/utils/collectd/patches/050-upstream-fix-for-network-plugin-ddos.patch b/utils/collectd/patches/050-upstream-fix-for-network-plugin-ddos.patch
new file mode 100644
index 000000000..62b25deff
--- /dev/null
+++ b/utils/collectd/patches/050-upstream-fix-for-network-plugin-ddos.patch
@@ -0,0 +1,50 @@
+From f6be4f9b49b949b379326c3d7002476e6ce4f211 Mon Sep 17 00:00:00 2001
+From: Pavel Rochnyack <pavel2000@ngs.ru>
+Date: Mon, 3 Apr 2017 11:57:09 +0600
+Subject: [PATCH] network plugin: Fix endless loop DOS in parse_packet()
+
+When correct 'Signature part' is received by Collectd, configured without
+AuthFile option, condition for endless loop occurs due to missing increase
+of pointer to next unprocessed part.
+
+Fixes: CVE-2017-7401
+
+Signed-off-by: Florian Forster <octo@collectd.org>
+
+
+--- a/src/network.c
++++ b/src/network.c
+@@ -1003,14 +1003,6 @@ static int parse_part_sign_sha256(socken
+ buffer_len = *ret_buffer_len;
+ buffer_offset = 0;
+
+- if (se->data.server.userdb == NULL) {
+- c_complain(
+- LOG_NOTICE, &complain_no_users,
+- "network plugin: Received signed network packet but can't verify it "
+- "because no user DB has been configured. Will accept it.");
+- return (0);
+- }
+-
+ /* Check if the buffer has enough data for this structure. */
+ if (buffer_len <= PART_SIGNATURE_SHA256_SIZE)
+ return (-ENOMEM);
+@@ -1027,6 +1019,18 @@ static int parse_part_sign_sha256(socken
+ return (-1);
+ }
+
++ if (se->data.server.userdb == NULL) {
++ c_complain(
++ LOG_NOTICE, &complain_no_users,
++ "network plugin: Received signed network packet but can't verify it "
++ "because no user DB has been configured. Will accept it.");
++
++ *ret_buffer = buffer + pss_head_length;
++ *ret_buffer_len -= pss_head_length;
++
++ return (0);
++ }
++
+ /* Copy the hash. */
+ BUFFER_READ(pss.hash, sizeof(pss.hash));
+
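Review bot: The relocated no-userdb branch in parse_part_sign_sha256() does `*ret_buffer_len -= pss_head_length` with no guard visible in this hunk. It is safe only if the check ending in `return (-1);` just above rejects a `pss_head_length` larger than `buffer_len`, which cannot be confirmed here because the function starts and ends outside the hunk. I would state that dependency on the branch with a comment such as `/* Skip the whole signature part: pss_head_length was bounds-checked above; without this advance parse_packet() re-reads the same part forever. */`. The branch still accepts the packet's contents unverified (the message says "Will accept it."), so receivers that rely on signing presumably need AuthFile configured. The rate-limited LOG_NOTICE is worth monitoring as a sign that signed traffic is reaching a server with no user DB.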
diff --git a/utils/collectd/patches/700-disable-sys-capability-check.patch b/utils/collectd/patches/700-disable-sys-capability-check.patch
index 2628d4189..280e50151 100644
--- a/utils/collectd/patches/700-disable-sys-capability-check.patch
+++ b/utils/collectd/patches/700-disable-sys-capability-check.patch
@@ -1,6 +1,6 @@
--- a/configure.ac
+++ b/configure.ac
-@@ -833,10 +833,7 @@
+@@ -830,10 +830,7 @@ fi
have_cpuid_h="no"
AC_CHECK_HEADERS(cpuid.h, [have_cpuid_h="yes"])
diff --git a/utils/collectd/patches/900-add-iwinfo-plugin.patch b/utils/collectd/patches/900-add-iwinfo-plugin.patch
index a86961071..7c2c72012 100644
--- a/utils/collectd/patches/900-add-iwinfo-plugin.patch
+++ b/utils/collectd/patches/900-add-iwinfo-plugin.patch
@@ -10,7 +10,7 @@
# For the turbostat plugin
have_asm_msrindex_h="no"
AC_CHECK_HEADERS(asm/msr-index.h, [have_asm_msrindex_h="yes"])
-@@ -5946,6 +5949,7 @@ plugin_interface="no"
+@@ -5943,6 +5946,7 @@ plugin_interface="no"
plugin_ipmi="no"
plugin_ipvs="no"
plugin_irq="no"
@@ -18,7 +18,7 @@
plugin_load="no"
plugin_log_logstash="no"
plugin_memory="no"
-@@ -6416,6 +6420,7 @@ AC_PLUGIN([ipmi], [$plugi
+@@ -6413,6 +6417,7 @@ AC_PLUGIN([ipmi], [$plugi
AC_PLUGIN([iptables], [$with_libiptc], [IPTables rule counters])
AC_PLUGIN([ipvs], [$plugin_ipvs], [IPVS connection statistics])
AC_PLUGIN([irq], [$plugin_irq], [IRQ statistics])
@@ -26,7 +26,7 @@
AC_PLUGIN([java], [$with_java], [Embed the Java Virtual Machine])
AC_PLUGIN([load], [$plugin_load], [System load])
AC_PLUGIN([log_logstash], [$plugin_log_logstash], [Logstash json_event compatible logging])
-@@ -6797,6 +6802,7 @@ AC_MSG_RESULT([ libyajl . . . . . . .
+@@ -6794,6 +6799,7 @@ AC_MSG_RESULT([ libyajl . . . . . . .
AC_MSG_RESULT([ oracle . . . . . . . $with_oracle])
AC_MSG_RESULT([ protobuf-c . . . . . $have_protoc_c])
AC_MSG_RESULT([ protoc 3 . . . . . . $have_protoc3])
@@ -34,7 +34,7 @@
AC_MSG_RESULT()
AC_MSG_RESULT([ Features:])
AC_MSG_RESULT([ daemon mode . . . . . $enable_daemon])
-@@ -6853,6 +6859,7 @@ AC_MSG_RESULT([ ipmi . . . . . . . .
+@@ -6850,6 +6856,7 @@ AC_MSG_RESULT([ ipmi . . . . . . . .
AC_MSG_RESULT([ iptables . . . . . . $enable_iptables])
AC_MSG_RESULT([ ipvs . . . . . . . . $enable_ipvs])
AC_MSG_RESULT([ irq . . . . . . . . . $enable_irq])