diff options
| author |   Matteo Bernardini | 2018-05-10 13:18:28 +0200 |
|---|---|---|
| committer | Matteo Bernardini | 2018-06-09 07:52:17 +0200 |
| commit | 3754491977cce2ca784fc9b239569c477f78d6cc (patch) | |
| tree | 073c063d13b49b78db1ba496a077be45960c0e51 | |
| parent | 81c344443219574587ae3d6bccb8f19c1bd346af (diff) | |
| download | old.slackbuilds-ettercap.tar.gz | |
network/ettercap: Patch for openssl-1.1.x and two CVEs.ettercap
Signed-off-by: Matteo Bernardini <ponce@slackbuilds.org>
4 files changed, 586 insertions, 0 deletions
diff --git a/network/ettercap/ettercap.SlackBuild b/network/ettercap/ettercap.SlackBuild index f841ef5396..07cb9ca2de 100644 --- a/network/ettercap/ettercap.SlackBuild +++ b/network/ettercap/ettercap.SlackBuild @@ -72,6 +72,9 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; +# apply some patches from archlinux +for i in $CWD/patches/*; do patch -p1 < $i ; done + mkdir -p build cd build cmake \ diff --git a/network/ettercap/patches/0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch b/network/ettercap/patches/0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch new file mode 100644 index 0000000000..effc04ec19 --- /dev/null +++ b/network/ettercap/patches/0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch @@ -0,0 +1,257 @@ +From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001 +From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> +Date: Mon, 27 Jun 2016 12:41:33 +0200 +Subject: [PATCH] First draft of openssl 1.1 compatibility layer (from + https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc) + Closes: #739 + +--- + src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++- + src/ec_sslwrap.c | 14 ++++++++ + 2 files changed, 106 insertions(+), 1 deletion(-) + +diff --git a/src/dissectors/ec_ssh.c b/src/dissectors/ec_ssh.c +index f89200dc..26c86491 100644 +--- a/src/dissectors/ec_ssh.c ++++ b/src/dissectors/ec_ssh.c +@@ -36,6 +36,10 @@ + #include <openssl/md5.h> + #include <zlib.h> + ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) ++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ ++#endif ++ + #define SMSG_PUBLIC_KEY 2 + #define CMSG_SESSION_KEY 3 + #define CMSG_USER 4 +@@ -138,6 +142,11 @@ FUNC_DECODER(dissector_ssh) + char tmp[MAX_ASCII_ADDR_LEN]; + u_int32 ssh_len, ssh_mod; + u_char ssh_packet_type, *ptr, *key_to_put; ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n; ++ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e; ++ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d; ++#endif + + /* don't complain about unused var */ + (void) DECODE_DATA; +@@ -383,12 +392,25 @@ FUNC_DECODER(dissector_ssh) + if (session_data->ptrkey == NULL) { + /* Initialize RSA key structures (other fileds are set to 0) */ + session_data->serverkey = RSA_new(); ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ s_n = BN_new(); ++ s_e = BN_new(); ++ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d); ++#else + session_data->serverkey->n = BN_new(); + session_data->serverkey->e = BN_new(); ++#endif + + session_data->hostkey = RSA_new(); ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ h_n = BN_new(); ++ h_e = BN_new(); ++ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d); ++#else + session_data->hostkey->n = BN_new(); + session_data->hostkey->e = BN_new(); ++#endif + + /* Get the RSA Key from the packet */ + NS_GET32(server_mod,ptr); +@@ -396,19 +418,37 @@ FUNC_DECODER(dissector_ssh) + DEBUG_MSG("Dissector_ssh Bougs Server_Mod"); + return NULL; + } ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d); ++ get_bn(s_e, &ptr); ++ get_bn(s_n, &ptr); ++#else + get_bn(session_data->serverkey->e, &ptr); + get_bn(session_data->serverkey->n, &ptr); ++#endif + + NS_GET32(host_mod,ptr); + if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) { + DEBUG_MSG("Dissector_ssh Bougs Host_Mod"); + return NULL; + } ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d); ++ get_bn(h_e, &ptr); ++ get_bn(h_n, &ptr); ++#else + get_bn(session_data->hostkey->e, &ptr); + get_bn(session_data->hostkey->n, &ptr); ++#endif + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ server_exp = BN_get_word(s_e); ++ host_exp = BN_get_word(h_e); ++#else + server_exp = *(session_data->serverkey->e->d); + host_exp = *(session_data->hostkey->e->d); ++#endif + + /* Check if we already have a suitable RSA key to substitute */ + index_ssl = &ssh_conn_key; +@@ -424,7 +464,7 @@ FUNC_DECODER(dissector_ssh) + SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key)); + + /* Generate the new key */ +- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL); ++ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL); + (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL); + (*index_ssl)->server_mod = server_mod; + (*index_ssl)->host_mod = host_mod; +@@ -443,11 +483,25 @@ FUNC_DECODER(dissector_ssh) + + /* Put our RSA key in the packet */ + key_to_put+=4; ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d); ++ put_bn(m_s_e, &key_to_put); ++ put_bn(m_s_n, &key_to_put); ++#else + put_bn(session_data->ptrkey->myserverkey->e, &key_to_put); + put_bn(session_data->ptrkey->myserverkey->n, &key_to_put); ++#endif + key_to_put+=4; ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d); ++ put_bn(m_h_e, &key_to_put); ++ put_bn(m_h_n, &key_to_put); ++#else + put_bn(session_data->ptrkey->myhostkey->e, &key_to_put); + put_bn(session_data->ptrkey->myhostkey->n, &key_to_put); ++#endif + + /* Recalculate SSH crc */ + *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO)); +@@ -482,19 +536,34 @@ FUNC_DECODER(dissector_ssh) + key_to_put = ptr; + + /* Calculate real session id and our fake session id */ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ temp_session_id = ssh_session_id(cookie, h_n, s_n); ++#else + temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n); ++#endif + if (temp_session_id) + memcpy(session_id1, temp_session_id, 16); ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n); ++#else + temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n); ++#endif ++ + if (temp_session_id) + memcpy(session_id2, temp_session_id, 16); + + /* Get the session key */ + enckey = BN_new(); ++ + get_bn(enckey, &ptr); + + /* Decrypt session key */ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ if (BN_cmp(m_s_n, m_h_n) > 0) { ++#else + if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) { ++#endif + rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey); + rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey); + } else { +@@ -534,7 +603,11 @@ FUNC_DECODER(dissector_ssh) + BN_add_word(bn, sesskey[i]); + } + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ if (BN_cmp(s_n, h_n) < 0) { ++#else + if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) { ++#endif + rsa_public_encrypt(bn, bn, session_data->serverkey); + rsa_public_encrypt(bn, bn, session_data->hostkey); + } else { +@@ -716,7 +789,16 @@ static void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) + u_char *inbuf, *outbuf; + int32 len, ilen, olen; + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *n; ++ BIGNUM *e; ++ BIGNUM *d; ++ RSA_get0_key(key, &n, &e, &d); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif ++ + outbuf = malloc(olen); + if (outbuf == NULL) /* oops, couldn't allocate memory */ + return; +@@ -744,7 +826,16 @@ static void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) + u_char *inbuf, *outbuf; + int32 len, ilen, olen; + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *n; ++ BIGNUM *e; ++ BIGNUM *d; ++ RSA_get0_key(key, &n, &e, &d); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif ++ + outbuf = malloc(olen); + if (outbuf == NULL) /* oops, couldn't allocate memory */ + return; +diff --git a/src/ec_sslwrap.c b/src/ec_sslwrap.c +index c6c74421..6369d251 100644 +--- a/src/ec_sslwrap.c ++++ b/src/ec_sslwrap.c +@@ -56,6 +56,10 @@ + #define OPENSSL_NO_KRB5 1 + #include <openssl/ssl.h> + ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) ++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ ++#endif ++ + #define BREAK_ON_ERROR(x,y,z) do { \ + if (x == -E_INVALID) { \ + SAFE_FREE(z.DATA.disp_data); \ +@@ -1102,9 +1106,19 @@ static X509 *sslw_create_selfsigned(X509 *server_cert) + index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1); + if (index >=0) { + ext = X509_get_ext(server_cert, index); ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ ASN1_OCTET_STRING* data; ++ data = X509_EXTENSION_get_data (ext); ++#endif + if (ext) { ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ data->data[7] = 0xe7; ++ data->data[8] = 0x7e; ++ X509_EXTENSION_set_data (ext, data); ++#else + ext->value->data[7] = 0xe7; + ext->value->data[8] = 0x7e; ++#endif + X509_add_ext(out_cert, ext, -1); + } + } +-- +2.11.1 + diff --git a/network/ettercap/patches/CVE-2017-6430.patch b/network/ettercap/patches/CVE-2017-6430.patch new file mode 100644 index 0000000000..67483dcc02 --- /dev/null +++ b/network/ettercap/patches/CVE-2017-6430.patch @@ -0,0 +1,68 @@ +From 4ad7f85dc01202e363659aa473c99470b3f4e1f4 Mon Sep 17 00:00:00 2001 +From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> +Date: Tue, 7 Mar 2017 22:05:31 +0100 +Subject: [PATCH] Fix issue #782 + +--- + utils/etterfilter/ef_compiler.c | 4 +++- + utils/etterfilter/ef_main.c | 10 +++++++--- + utils/etterfilter/ef_output.c | 3 +++ + 3 files changed, 13 insertions(+), 4 deletions(-) + +diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c +index db876636e..ddb73bd30 100644 +--- a/utils/etterfilter/ef_compiler.c ++++ b/utils/etterfilter/ef_compiler.c +@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop) + struct filter_op *array = NULL; + struct unfold_elm *ue; + +- BUG_IF(tree_root == NULL); ++ // invalid file ++ if (tree_root == NULL) ++ return 0; + + fprintf(stdout, " Unfolding the meta-tree "); + fflush(stdout); +diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c +index ae4591344..431084b91 100644 +--- a/utils/etterfilter/ef_main.c ++++ b/utils/etterfilter/ef_main.c +@@ -39,7 +39,7 @@ struct globals *gbls; + + int main(int argc, char *argv[]) + { +- ++ int ret_value = 0; + globals_alloc(); + /* etterfilter copyright */ + fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n", +@@ -84,8 +84,12 @@ int main(int argc, char *argv[]) + fprintf(stdout, "\n\nThe script contains errors...\n\n"); + + /* write to file */ +- if (write_output() != E_SUCCESS) +- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file); ++ ret_value = write_output(); ++ if (ret_value == -E_NOTHANDLED) ++ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file); ++ else if (ret_value == -E_INVALID) ++ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file); ++ + globals_free(); + return 0; + } +diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c +index 5ae591904..fcf19f010 100644 +--- a/utils/etterfilter/ef_output.c ++++ b/utils/etterfilter/ef_output.c +@@ -51,6 +51,9 @@ int write_output(void) + if (fop == NULL) + return -E_NOTHANDLED; + ++ if (ninst == 0) ++ return -E_INVALID; ++ + /* create the file */ + fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644); + ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file); diff --git a/network/ettercap/patches/CVE-2017-8366.patch b/network/ettercap/patches/CVE-2017-8366.patch new file mode 100644 index 0000000000..1897e81d79 --- /dev/null +++ b/network/ettercap/patches/CVE-2017-8366.patch @@ -0,0 +1,258 @@ +From d14d2558da14a33abf7baab28957488a75d16af1 Mon Sep 17 00:00:00 2001 +From: Alexander Koeppe <format_c@online.de> +Date: Thu, 1 Jun 2017 08:56:23 +0200 +Subject: [PATCH 1/4] Add ASAN compiler flags in DEBUG build type + +--- + CMakeLists.txt | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 90050590f..8e823669c 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -126,7 +126,7 @@ if(NOT DISABLE_RPATH) + set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) + set(CMAKE_MACOSX_RPATH 1) + endif(NOT DISABLE_RPATH) +-set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls" CACHE STRING "" FORCE) ++set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) + set(CMAKE_C_FLAGS_RELEASE "-O2 -w -D_FORTIFY_SOURCE=2" CACHE STRING "" FORCE) + + if(OS_DARWIN) + +From 044051d302da73e16b0577eb797cd42affba27e5 Mon Sep 17 00:00:00 2001 +From: Alexander Koeppe <format_c@online.de> +Date: Thu, 1 Jun 2017 08:56:57 +0200 +Subject: [PATCH 2/4] fix buffer over- / underflow conditions + +--- + include/ec_strings.h | 2 +- + src/ec_strings.c | 25 +++++++++++++++---------- + 2 files changed, 16 insertions(+), 11 deletions(-) + +diff --git a/include/ec_strings.h b/include/ec_strings.h +index f791739da..9ad245ef3 100644 +--- a/include/ec_strings.h ++++ b/include/ec_strings.h +@@ -43,7 +43,7 @@ + + EC_API_EXTERN int match_pattern(const char *s, const char *pattern); + EC_API_EXTERN int base64_decode(char *bufplain, const char *bufcoded); +-EC_API_EXTERN int strescape(char *dst, char *src); ++EC_API_EXTERN int strescape(char *dst, char *src, size_t len); + EC_API_EXTERN int str_replace(char **text, const char *s, const char *d); + EC_API_EXTERN size_t strlen_utf8(const char *s); + EC_API_EXTERN char * ec_strtok(char *s, const char *delim, char **ptrptr); +diff --git a/src/ec_strings.c b/src/ec_strings.c +index 53583851a..21b71926c 100644 +--- a/src/ec_strings.c ++++ b/src/ec_strings.c +@@ -167,13 +167,14 @@ static int hextoint(int c) + /* + * convert the escaped string into a binary one + */ +-int strescape(char *dst, char *src) ++int strescape(char *dst, char *src, size_t len) + { + char *olddst = dst; ++ char *oldsrc = src; + int c; + int val; + +- while ((c = *src++) != '\0') { ++ while ((c = *src++) != '\0' && (size_t)(src - oldsrc) <= len) { + if (c == '\\') { + switch ((c = *src++)) { + case '\0': +@@ -218,9 +219,11 @@ int strescape(char *dst, char *src) + if (c >= '0' && c <= '7') + val = (val << 3) | (c - '0'); + else +- --src; ++ if (src > oldsrc) /* protect against buffer underflow */ ++ --src; + } else +- --src; ++ if (src > oldsrc) /* protect against buffer underflow */ ++ --src; + *dst++ = (char) val; + break; + +@@ -232,15 +235,17 @@ int strescape(char *dst, char *src) + c = hextoint(*src++); + if (c >= 0) + val = (val << 4) + c; +- else +- --src; +- } else +- --src; ++ else if (src > oldsrc) /* protect against buffer underflow */ ++ --src; ++ } else if (src > oldsrc) /* protect against buffer underflow */ ++ --src; + *dst++ = (char) val; + break; + } +- } else if (c == 8 || c == 263) /* the backspace */ +- dst--; ++ } else if (c == 8 || c == 263) { /* the backspace */ ++ if (dst > oldsrc) /* protect against buffer underflow */ ++ dst--; ++ } + else + *dst++ = (char) c; + } + +From 19706cf53b189fbc996791cdb4b0d9a1f0feae5f Mon Sep 17 00:00:00 2001 +From: Alexander Koeppe <format_c@online.de> +Date: Thu, 1 Jun 2017 08:57:54 +0200 +Subject: [PATCH 3/4] adapt calls of strescape() adding strlen + +--- + src/ec_encryption.c | 2 +- + src/interfaces/curses/ec_curses_view_connections.c | 2 +- + src/interfaces/gtk/ec_gtk_view_connections.c | 2 +- + utils/etterfilter/ef_encode.c | 18 ++++++++++++------ + 4 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/src/ec_encryption.c b/src/ec_encryption.c +index 6c02529c1..3d5056030 100644 +--- a/src/ec_encryption.c ++++ b/src/ec_encryption.c +@@ -218,7 +218,7 @@ int set_wep_key(char *string) + + if (type == 's') { + /* escape the string and check its length */ +- if (strescape((char *)tmp_wkey, p) != (int)tmp_wkey_len) ++ if (strescape((char *)tmp_wkey, p, strlen(tmp_wkey)+1) != (int)tmp_wkey_len) + SEMIFATAL_ERROR("Specified WEP key length does not match the given string"); + } else if (type == 'p') { + /* create the key from the passphrase */ +diff --git a/src/interfaces/curses/ec_curses_view_connections.c b/src/interfaces/curses/ec_curses_view_connections.c +index fb52331cf..011c0edf7 100644 +--- a/src/interfaces/curses/ec_curses_view_connections.c ++++ b/src/interfaces/curses/ec_curses_view_connections.c +@@ -614,7 +614,7 @@ static void inject_user(void) + size_t len; + + /* escape the sequnces in the buffer */ +- len = strescape((char*)injectbuf, (char*)injectbuf); ++ len = strescape((char*)injectbuf, (char*)injectbuf, strlen(injectbuf)+1); + + /* check where to inject */ + if (wdg_c1->flags & WDG_OBJ_FOCUSED) { +diff --git a/src/interfaces/gtk/ec_gtk_view_connections.c b/src/interfaces/gtk/ec_gtk_view_connections.c +index fa7dfdc58..b55e1755a 100644 +--- a/src/interfaces/gtk/ec_gtk_view_connections.c ++++ b/src/interfaces/gtk/ec_gtk_view_connections.c +@@ -1627,7 +1627,7 @@ static void gtkui_inject_user(int side) + size_t len; + + /* escape the sequnces in the buffer */ +- len = strescape(injectbuf, injectbuf); ++ len = strescape(injectbuf, injectbuf, strlen(injectbuf)+1); + + /* check where to inject */ + if (side == 1 || side == 2) { +diff --git a/utils/etterfilter/ef_encode.c b/utils/etterfilter/ef_encode.c +index d4b9110cd..7e359e062 100644 +--- a/utils/etterfilter/ef_encode.c ++++ b/utils/etterfilter/ef_encode.c +@@ -136,7 +136,8 @@ int encode_const(char *string, struct filter_op *fop) + fop->op.test.string = (u_char*)strdup(string + 1); + + /* escape it in the structure */ +- fop->op.test.slen = strescape((char*)fop->op.test.string, (char*)fop->op.test.string); ++ fop->op.test.slen = strescape((char*)fop->op.test.string, ++ (char*)fop->op.test.string, strlen(fop->op.test.string)+1); + + return E_SUCCESS; + +@@ -184,7 +185,8 @@ int encode_function(char *string, struct filter_op *fop) + fop->opcode = FOP_FUNC; + fop->op.func.op = FFUNC_SEARCH; + fop->op.func.string = (u_char*)strdup(dec_args[1]); +- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); ++ fop->op.func.slen = strescape((char*)fop->op.func.string, ++ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); + ret = E_SUCCESS; + } else + SCRIPT_ERROR("Unknown offset %s ", dec_args[0]); +@@ -202,7 +204,8 @@ int encode_function(char *string, struct filter_op *fop) + fop->opcode = FOP_FUNC; + fop->op.func.op = FFUNC_REGEX; + fop->op.func.string = (u_char*)strdup(dec_args[1]); +- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); ++ fop->op.func.slen = strescape((char*)fop->op.func.string, ++ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); + ret = E_SUCCESS; + } else + SCRIPT_ERROR("Unknown offset %s ", dec_args[0]); +@@ -272,9 +275,11 @@ int encode_function(char *string, struct filter_op *fop) + /* replace always operate at DATA level */ + fop->op.func.level = 5; + fop->op.func.string = (u_char*)strdup(dec_args[0]); +- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); ++ fop->op.func.slen = strescape((char*)fop->op.func.string, ++ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); + fop->op.func.replace = (u_char*)strdup(dec_args[1]); +- fop->op.func.rlen = strescape((char*)fop->op.func.replace, (char*)fop->op.func.replace); ++ fop->op.func.rlen = strescape((char*)fop->op.func.replace, ++ (char*)fop->op.func.replace, strlen(fop->op.func.replace)+1); + ret = E_SUCCESS; + } else + SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name); +@@ -328,7 +333,8 @@ int encode_function(char *string, struct filter_op *fop) + if (nargs == 1) { + fop->op.func.op = FFUNC_MSG; + fop->op.func.string = (u_char*)strdup(dec_args[0]); +- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); ++ fop->op.func.slen = strescape((char*)fop->op.func.string, ++ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); + ret = E_SUCCESS; + } else + SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name); + +From b005d55d4eae444c5be14eb792b50657a14c7b1d Mon Sep 17 00:00:00 2001 +From: Alexander Koeppe <format_c@online.de> +Date: Sun, 4 Jun 2017 08:09:04 +0200 +Subject: [PATCH 4/4] Only add ASAN flags depeding on compiler version + +--- + CMakeLists.txt | 22 +++++++++++++++++++++- + 1 file changed, 21 insertions(+), 1 deletion(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 8e823669c..8f7c7c368 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -126,7 +126,27 @@ if(NOT DISABLE_RPATH) + set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) + set(CMAKE_MACOSX_RPATH 1) + endif(NOT DISABLE_RPATH) +-set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) ++ ++# set general build flags for debug build-type ++set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls" CACHE STRING "" FORCE) ++# append ASAN build flags if compiler version has support ++if ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU") ++ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) ++ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) ++ message("Building with ASAN support (GNU compiler)") ++ else (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) ++ message("Building without ASAN support (GNU compiler)") ++ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) ++elseif ("${CMAKE_C_COMPILER_ID}" STREQUAL "Clang") ++ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) ++ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) ++ message("Building with ASAN support (Clang compiler)") ++ elseif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) ++ message("Building without ASAN support (Clang compiler)") ++ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) ++endif ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU") ++ ++# set build flags for release build-type + set(CMAKE_C_FLAGS_RELEASE "-O2 -w -D_FORTIFY_SOURCE=2" CACHE STRING "" FORCE) + + if(OS_DARWIN) |