openwrt/package/network/utils/tcpdump/Makefile
Hauke Mehrtens 59e7ae8d65 tcpdump: Fix CVE-2018-16301
This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f5875c4e2)
2022-02-13 00:23:30 +01:00

69 lines
1.5 KiB
Makefile

#
# Copyright (C) 2007-2011 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=tcpdump
PKG_VERSION:=4.9.3
PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.tcpdump.org/release/
PKG_HASH:=2cd47cb3d460b6ff75f4a9940f594317ad456cfbf2bd2c8e5151e16559db6410
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause
PKG_CPE_ID:=cpe:/a:tcpdump:tcpdump
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/tcpdump/default
SECTION:=net
CATEGORY:=Network
DEPENDS:=+libpcap
TITLE:=Network monitoring and data acquisition tool
URL:=http://www.tcpdump.org/
endef
define Package/tcpdump
$(Package/tcpdump/default)
VARIANT:=full
endef
define Package/tcpdump-mini
$(Package/tcpdump/default)
TITLE+= (minimal version)
VARIANT:=mini
endef
CONFIGURE_ARGS += \
--without-cap-ng \
--without-crypto \
$(call autoconf_bool,CONFIG_IPV6,ipv6)
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
ifeq ($(BUILD_VARIANT),mini)
TARGET_CFLAGS += -DTCPDUMP_MINI
CONFIGURE_ARGS += --disable-smb
MAKE_FLAGS += TCPDUMP_MINI=1
endif
define Package/tcpdump/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/tcpdump $(1)/usr/sbin/
endef
Package/tcpdump-mini/install = $(Package/tcpdump/install)
$(eval $(call BuildPackage,tcpdump))
$(eval $(call BuildPackage,tcpdump-mini))