* [meta-networking][kirkstone][PATCH 1/1] tcpdump: refresh CVE-2024-2397 patch to remove fuzz warning
@ 2025-08-20 2:45 haixiao.yan.cn
0 siblings, 0 replies; only message in thread
From: haixiao.yan.cn @ 2025-08-20 2:45 UTC (permalink / raw)
To: openembedded-devel
From: Haixiao Yan <haixiao.yan.cn@windriver.com>
The CVE-2024-2397 patch was applied with fuzz and offset adjustments:
Hunk #1 succeeded at 42 with fuzz 2 (offset 5 lines).
...
Refreshed the patch against tcpdump 4.99.4 sources to align context and
line numbers.
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
---
.../tcpdump/tcpdump/CVE-2024-2397.patch | 26 +++++++++++--------
1 file changed, 15 insertions(+), 11 deletions(-)
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch
index 169ec6be7044..a0e7df923734 100644
--- a/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch
+++ b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch
@@ -1,4 +1,4 @@
-From b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Mon Sep 17 00:00:00 2001
+From 32a589ec83fa4536353f05df4c0cda05176cfe65 Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Tue, 12 Mar 2024 00:37:23 -0700
Subject: [PATCH] ppp: use the buffer stack for the de-escaping buffer.
@@ -24,25 +24,26 @@ routine, in case nd_pop_all_packet_info() didn't restore it.
Upstream-Status: Backport [https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2]
CVE: CVE-2024-2397
Signed-off-by: Ashish Sharma <asharma@mvista.com>
-
+Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
+---
print-ppp.c | 31 +++++++++++++++++--------------
print.c | 8 ++++++--
2 files changed, 23 insertions(+), 16 deletions(-)
diff --git a/print-ppp.c b/print-ppp.c
-index 2cf06c363..9aed23eb9 100644
+index aba243ddb6f2..e5ae0646ebae 100644
--- a/print-ppp.c
+++ b/print-ppp.c
-@@ -37,6 +37,8 @@
-
- #include "netdissect-stdinc.h"
+@@ -42,6 +42,8 @@
+ #include <net/if_ppp.h>
+ #endif
+#include <stdlib.h>
+
#include "netdissect.h"
#include "extract.h"
#include "addrtoname.h"
-@@ -1358,7 +1360,6 @@ ppp_hdlc(netdissect_options *ndo,
+@@ -1363,7 +1365,6 @@ ppp_hdlc(netdissect_options *ndo,
u_char *b, *t, c;
const u_char *s;
u_int i, proto;
@@ -50,7 +51,7 @@ index 2cf06c363..9aed23eb9 100644
if (caplen == 0)
return;
-@@ -1366,9 +1367,11 @@ ppp_hdlc(netdissect_options *ndo,
+@@ -1371,9 +1372,11 @@ ppp_hdlc(netdissect_options *ndo,
if (length == 0)
return;
@@ -65,7 +66,7 @@ index 2cf06c363..9aed23eb9 100644
/*
* Unescape all the data into a temporary, private, buffer.
-@@ -1389,13 +1392,15 @@ ppp_hdlc(netdissect_options *ndo,
+@@ -1394,13 +1397,15 @@ ppp_hdlc(netdissect_options *ndo,
}
/*
@@ -87,7 +88,7 @@ index 2cf06c363..9aed23eb9 100644
length = ND_BYTES_AVAILABLE_AFTER(b);
/* now lets guess about the payload codepoint format */
-@@ -1437,13 +1442,11 @@ ppp_hdlc(netdissect_options *ndo,
+@@ -1442,13 +1447,11 @@ ppp_hdlc(netdissect_options *ndo,
}
cleanup:
@@ -104,7 +105,7 @@ index 2cf06c363..9aed23eb9 100644
}
diff --git a/print.c b/print.c
-index b9ba5997d..f20633388 100644
+index 9c0ab8622de1..33706b93228d 100644
--- a/print.c
+++ b/print.c
@@ -431,10 +431,14 @@ pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h,
@@ -124,3 +125,6 @@ index b9ba5997d..f20633388 100644
if (ndo->ndo_Xflag) {
/*
* Print the raw packet data in hex and ASCII.
+--
+2.34.1
+
--
2.34.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2025-08-20 2:45 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-08-20 2:45 [meta-networking][kirkstone][PATCH 1/1] tcpdump: refresh CVE-2024-2397 patch to remove fuzz warning haixiao.yan.cn
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).