dnsmasq: backport CVE-2015-3294 security fix

author rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>

Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)

committer rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>

Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)
author rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)
committer rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile

index 17af3c5d8cbdf02c67c86defc40c206d624a40b9..6262dc5475b957b7ecc1b854c339f35db9529f58 100644 (file)
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
  
  PKG_NAME:=dnsmasq
  PKG_VERSION:=2.71
-PKG_RELEASE:=4
+PKG_RELEASE:=5
  
  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
diff --git a/package/network/services/dnsmasq/patches/003-Fix-crash-on-receipt-of-certa b/package/network/services/dnsmasq/patches/003-Fix-crash-on-receipt-of-certa

new file mode 100644 (file)

index 0000000..eb3075d
--- /dev/null
+++ b/package/network/services/dnsmasq/patches/003-Fix-crash-on-receipt-of-certa
@@ -0,0 +1,37 @@
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 9 Apr 2015 21:48:00 +0100
+Subject: [PATCH] Fix crash on receipt of certain malformed DNS requests.
+
+---
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
+ size_t setup_reply(struct dns_header *header, size_t qlen,
+               struct all_addr *addrp, unsigned int flags, unsigned long ttl)
+ {
+-  unsigned char *p = skip_questions(header, qlen);
++  unsigned char *p;
++
++  if (!(p = skip_questions(header, qlen)))
++    return 0;
+   
+   /* clear authoritative and truncated flags, set QR flag */
+   header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
+@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+     SET_RCODE(header, NOERROR); /* empty domain */
+   else if (flags == F_NXDOMAIN)
+     SET_RCODE(header, NXDOMAIN);
+-  else if (p && flags == F_IPV4)
++  else if (flags == F_IPV4)
+     { /* we know the address */
+       SET_RCODE(header, NOERROR);
+       header->ancount = htons(1);
+@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+       add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
+     }
+ #ifdef HAVE_IPV6
+-  else if (p && flags == F_IPV6)
++  else if (flags == F_IPV6)
+     {
+       SET_RCODE(header, NOERROR);
+       header->ancount = htons(1);
author	rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>
	Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)
committer	rmilecki <rmilecki@3c298f89-4303-0410-b956-a3cf2f4a3e73>
	Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)
package/network/services/dnsmasq/Makefile		patch \| blob \| history
package/network/services/dnsmasq/patches/003-Fix-crash-on-receipt-of-certa	[new file with mode: 0644]	patch \| blob