mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 17:18:59 +00:00
59e7ae8d65
This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f5875c4e2
)
69 lines
1.5 KiB
Makefile
69 lines
1.5 KiB
Makefile
#
|
|
# Copyright (C) 2007-2011 OpenWrt.org
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=tcpdump
|
|
PKG_VERSION:=4.9.3
|
|
PKG_RELEASE:=4
|
|
|
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
|
PKG_SOURCE_URL:=http://www.tcpdump.org/release/
|
|
PKG_HASH:=2cd47cb3d460b6ff75f4a9940f594317ad456cfbf2bd2c8e5151e16559db6410
|
|
|
|
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
|
|
PKG_LICENSE:=BSD-3-Clause
|
|
PKG_CPE_ID:=cpe:/a:tcpdump:tcpdump
|
|
|
|
PKG_INSTALL:=1
|
|
PKG_BUILD_PARALLEL:=1
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/tcpdump/default
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
DEPENDS:=+libpcap
|
|
TITLE:=Network monitoring and data acquisition tool
|
|
URL:=http://www.tcpdump.org/
|
|
endef
|
|
|
|
define Package/tcpdump
|
|
$(Package/tcpdump/default)
|
|
VARIANT:=full
|
|
endef
|
|
|
|
define Package/tcpdump-mini
|
|
$(Package/tcpdump/default)
|
|
TITLE+= (minimal version)
|
|
VARIANT:=mini
|
|
endef
|
|
|
|
CONFIGURE_ARGS += \
|
|
--without-cap-ng \
|
|
--without-crypto \
|
|
$(call autoconf_bool,CONFIG_IPV6,ipv6)
|
|
|
|
TARGET_CFLAGS += -ffunction-sections -fdata-sections
|
|
TARGET_LDFLAGS += -Wl,--gc-sections
|
|
|
|
ifeq ($(BUILD_VARIANT),mini)
|
|
TARGET_CFLAGS += -DTCPDUMP_MINI
|
|
CONFIGURE_ARGS += --disable-smb
|
|
MAKE_FLAGS += TCPDUMP_MINI=1
|
|
endif
|
|
|
|
define Package/tcpdump/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/tcpdump $(1)/usr/sbin/
|
|
endef
|
|
|
|
Package/tcpdump-mini/install = $(Package/tcpdump/install)
|
|
|
|
$(eval $(call BuildPackage,tcpdump))
|
|
$(eval $(call BuildPackage,tcpdump-mini))
|