commit open-lldp for openSUSE:Factory

31 Oct 2023

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package open-lldp for openSUSE:Factory checked in at 2023-10-31 20:25:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/open-lldp (Old)
 and      /work/SRC/openSUSE:Factory/.open-lldp.new.17445 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "open-lldp"

Tue Oct 31 20:25:15 2023 rev:22 rq:1121017 version:1.1+77.75e83b6fb98e

Changes:
--------

--- /work/SRC/openSUSE:Factory/open-lldp/open-lldp.changes	2022-10-28 19:28:55.942451411 +0200
+++ /work/SRC/openSUSE:Factory/.open-lldp.new.17445/open-lldp.changes	2023-10-31 20:25:22.097209536 +0100
@@ -1,0 +2,23 @@
+Fri Oct 27 19:15:39 UTC 2023 - lduncan@suse.com
+
+- Update to version latest Intel upstream (v1.1+77.75e83b6fb98e, jsc#PED-6852):
+  * lldpad: dcbx: prevent null dereference in dcbx_free_data
+  * dcbx: Fix use-after-free
+  * dcbx: Fix NULL pointer dereference
+  * dcbx: Fix leak when receiving legacy TLVs with mismatched mode
+  * lldp: Reject frames with duplicate TLVs
+  * dcbx: Free manifest in rchange callback
+  * dcbx: Avoid memory leak if ifup is called twice
+  * ctrl_iface: Fix a memory leak in ctrl_iface_deinit
+  * lldp: Avoid sending uninitialized data
+  * lldptool: fix null pointer deference
+  * Revert "Use interface index instead of name in libconfig"
+  * Avoiding null pointer dereference
+  * agent: reset frame status on message delete
+  * basman: use return address when pulling address
+  * 8021Qaz: check for rx block validity
+  * 8021qaz: squelch initialization errors
+  * macvtap: fix error condition
+  * vdp22: convert command parsing to null term
+
+-------------------------------------------------------------------

Old:
----
  open-lldp-v1.1+58.8ca361bab766.tar.xz

New:
----
  open-lldp-v1.1+77.75e83b6fb98e.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ open-lldp.spec ++++++
--- /var/tmp/diff_new_pack.6wQRiT/_old	2023-10-31 20:25:23.337255083 +0100
+++ /var/tmp/diff_new_pack.6wQRiT/_new	2023-10-31 20:25:23.337255083 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package open-lldp
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
 Summary:        Link Layer Discovery Protocol (LLDP) Agent
 License:        GPL-2.0-only
 Group:          System/Daemons
-Version:        1.1+58.8ca361bab766
+Version:        1.1+77.75e83b6fb98e
 Release:        0
 BuildRequires:  bison
 BuildRequires:  flex

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.6wQRiT/_old	2023-10-31 20:25:23.373256406 +0100
+++ /var/tmp/diff_new_pack.6wQRiT/_new	2023-10-31 20:25:23.377256553 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/openSUSE/lldpad.git</param>
-              <param name="changesrevision">8ca361bab7668aaa0ef54cba87a163e6e373f2ac</param></service></servicedata>
+              <param name="changesrevision">75e83b6fb98e79383b6243feafa3211a87ef78e9</param></service></servicedata>
 (No newline at EOF)
 

++++++ open-lldp-v1.1+58.8ca361bab766.tar.xz -> open-lldp-v1.1+77.75e83b6fb98e.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/open-lldp-v1.1+58.8ca361bab766/ctrl_iface.c new/open-lldp-v1.1+77.75e83b6fb98e/ctrl_iface.c
--- old/open-lldp-v1.1+58.8ca361bab766/ctrl_iface.c	2022-10-26 20:56:09.000000000 +0200
+++ new/open-lldp-v1.1+77.75e83b6fb98e/ctrl_iface.c	2023-10-27 21:11:44.000000000 +0200
@@ -514,6 +514,7 @@
 	while (dst) {
 		prev = dst;
 		dst = dst->next;
+		free(prev->tlv_types);
 		free(prev);
 	}
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/open-lldp-v1.1+58.8ca361bab766/lldp/rx.c new/open-lldp-v1.1+77.75e83b6fb98e/lldp/rx.c
--- old/open-lldp-v1.1+58.8ca361bab766/lldp/rx.c	2022-10-26 20:56:09.000000000 +0200
+++ new/open-lldp-v1.1+77.75e83b6fb98e/lldp/rx.c	2023-10-27 21:11:44.000000000 +0200
@@ -342,29 +342,69 @@
 			}
 		}
 		if (tlv->type == TYPE_4) { /* port description */
-			agent->lldpdu |= RCVD_LLDP_TLV_TYPE4;
-			agent->rx.manifest->portdesc = tlv;
-			tlv_stored = true;
+			if (agent->lldpdu & RCVD_LLDP_TLV_TYPE4) {
+				LLDPAD_INFO("Received multiple port description"
+					" TLVs in this LLDPDU\n");
+				frame_error++;
+				free_unpkd_tlv(tlv);
+				goto out;
+			} else {
+				agent->lldpdu |= RCVD_LLDP_TLV_TYPE4;
+				agent->rx.manifest->portdesc = tlv;
+				tlv_stored = true;
+			}
 		}
 		if (tlv->type == TYPE_5) { /* system name */
-			agent->lldpdu |= RCVD_LLDP_TLV_TYPE5;
-			agent->rx.manifest->sysname = tlv;
-			tlv_stored = true;
+			if (agent->lldpdu & RCVD_LLDP_TLV_TYPE5) {
+				LLDPAD_INFO("Received multiple system name"
+					" TLVs in this LLDPDU\n");
+				frame_error++;
+				free_unpkd_tlv(tlv);
+				goto out;
+			} else {
+				agent->lldpdu |= RCVD_LLDP_TLV_TYPE5;
+				agent->rx.manifest->sysname = tlv;
+				tlv_stored = true;
+			}
 		}
 		if (tlv->type == TYPE_6) { /* system description */
-			agent->lldpdu |= RCVD_LLDP_TLV_TYPE6;
-			agent->rx.manifest->sysdesc = tlv;
-			tlv_stored = true;
+			if (agent->lldpdu & RCVD_LLDP_TLV_TYPE6) {
+				LLDPAD_INFO("Received multiple system description"
+					" TLVs in this LLDPDU\n");
+				frame_error++;
+				free_unpkd_tlv(tlv);
+				goto out;
+			} else {
+                            agent->lldpdu |= RCVD_LLDP_TLV_TYPE6;
+                            agent->rx.manifest->sysdesc = tlv;
+                            tlv_stored = true;
+                        }
 		}
 		if (tlv->type == TYPE_7) { /* system capabilities */
-			agent->lldpdu |= RCVD_LLDP_TLV_TYPE7;
-			agent->rx.manifest->syscap = tlv;
-			tlv_stored = true;
+			if (agent->lldpdu & RCVD_LLDP_TLV_TYPE7) {
+				LLDPAD_INFO("Received multiple system capabilities"
+					" TLVs in this LLDPDU\n");
+				frame_error++;
+				free_unpkd_tlv(tlv);
+				goto out;
+			} else {
+				agent->lldpdu |= RCVD_LLDP_TLV_TYPE7;
+				agent->rx.manifest->syscap = tlv;
+				tlv_stored = true;
+			}
 		}
 		if (tlv->type == TYPE_8) { /* mgmt address */
-			agent->lldpdu |= RCVD_LLDP_TLV_TYPE8;
-			agent->rx.manifest->mgmtadd = tlv;
-			tlv_stored = true;
+			if (agent->lldpdu & RCVD_LLDP_TLV_TYPE8) {
+				LLDPAD_INFO("Received multiple mgmt address"
+					" TLVs in this LLDPDU\n");
+				frame_error++;
+				free_unpkd_tlv(tlv);
+				goto out;
+			} else {
+				agent->lldpdu |= RCVD_LLDP_TLV_TYPE8;
+				agent->rx.manifest->mgmtadd = tlv;
+				tlv_stored = true;
+			}
 		}
 
 		/* rx per lldp module */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/open-lldp-v1.1+58.8ca361bab766/lldp/tx.c new/open-lldp-v1.1+77.75e83b6fb98e/lldp/tx.c
--- old/open-lldp-v1.1+58.8ca361bab766/lldp/tx.c	2022-10-26 20:56:09.000000000 +0200
+++ new/open-lldp-v1.1+77.75e83b6fb98e/lldp/tx.c	2023-10-27 21:11:44.000000000 +0200
@@ -96,9 +96,10 @@
 	fb_offset += ptlv->size;
 	free_pkd_tlv(ptlv);
 
-	if (datasize < ETH_MIN_DATA_LEN)
+	if (datasize < ETH_MIN_DATA_LEN) {
+		memset(agent->tx.frameout + fb_offset, 0, ETH_ZLEN - fb_offset);
 		agent->tx.sizeout = ETH_ZLEN;
-	else
+	} else
 		agent->tx.sizeout = fb_offset;
 
 	return true;
@@ -232,9 +233,10 @@
 	fb_offset += ptlv->size;
 	free_pkd_tlv(ptlv);
 
-	if (datasize < ETH_MIN_DATA_LEN)
+	if (datasize < ETH_MIN_DATA_LEN) {
+		memset(agent->tx.frameout + fb_offset, 0, ETH_ZLEN - fb_offset);
 		agent->tx.sizeout = ETH_ZLEN;
-	else
+        } else
 		agent->tx.sizeout = fb_offset;
 	return true;
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/open-lldp-v1.1+58.8ca361bab766/lldp_dcbx.c new/open-lldp-v1.1+77.75e83b6fb98e/lldp_dcbx.c
--- old/open-lldp-v1.1+58.8ca361bab766/lldp_dcbx.c	2022-10-26 20:56:09.000000000 +0200
+++ new/open-lldp-v1.1+77.75e83b6fb98e/lldp_dcbx.c	2023-10-27 21:11:44.000000000 +0200
@@ -57,6 +57,7 @@
 
 void dcbx_free_tlv(struct dcbx_tlvs *tlvs);
 static int dcbx_check_operstate(struct port *port, struct lldp_agent *agent);
+static void clear_dcbx_manifest(struct dcbx_tlvs *dcbx);
 
 const struct lldp_mod_ops dcbx_ops = {
 	.lldp_mod_register	= dcbx_register,
@@ -279,29 +280,6 @@
 	return -1;
 }
 
-void dcbx_free_manifest(struct dcbx_manifest *manifest)
-{
-	if (!manifest)
-		return;
-
-	if (manifest->dcbx1)
-		free_unpkd_tlv(manifest->dcbx1);
-	if (manifest->dcbx2)
-		free_unpkd_tlv(manifest->dcbx2);
-	if (manifest->dcbx_ctrl)
-		free_unpkd_tlv(manifest->dcbx_ctrl);
-	if (manifest->dcbx_pg)
-		free_unpkd_tlv(manifest->dcbx_pg);
-	if (manifest->dcbx_pfc)
-		free_unpkd_tlv(manifest->dcbx_pfc);
-	if (manifest->dcbx_app)
-		free_unpkd_tlv(manifest->dcbx_app);
-	if (manifest->dcbx_llink)
-		free_unpkd_tlv(manifest->dcbx_llink);
-	free(manifest);
-	return;
-}
-
 void dcbx_free_tlv(struct dcbx_tlvs *tlvs)
 {
 	if (!tlvs)
@@ -328,6 +306,10 @@
 	if (tlvs->dcbx2)
 		free_unpkd_tlv(tlvs->dcbx2);
 
+	tlvs->control = tlvs->pg1 = tlvs->pg2 = tlvs->pfc1 =
+		tlvs->pfc2 = tlvs->app1 = tlvs->app2 = tlvs->llink =
+		tlvs->dcbx1 = tlvs->dcbx2 = NULL;
+
 	return;
 }
 
@@ -347,7 +329,6 @@
 		return NULL;
 
 	dcbx_free_tlv(tlvs);
-	memset(tlvs, 0, sizeof(struct dcbx_tlvs));
 
 	dcbx_bld_tlv(port, agent);
 	if (tlvs->dcbx_st == DCBX_SUBTYPE2) {
@@ -371,7 +352,7 @@
 			dd = LIST_FIRST(&dud->head);
 			LIST_REMOVE(dd, entry);
 			dcbx_free_tlv(dd);
-			dcbx_free_manifest(dd->manifest);
+			clear_dcbx_manifest(dd);
 			free(dd);
 		}
 	}
@@ -588,6 +569,7 @@
 	if (exists != cmd_success)
 		dont_advertise_dcbx_all(ifname, 1);
 
+	dcbx_free_tlv(tlvs);
 	dcbx_bld_tlv(port, agent);
 
 	/* if the dcbx field is not filled in by the capabilities
@@ -638,13 +620,13 @@
 
 	LIST_REMOVE(tlvs, entry);
 	dcbx_free_tlv(tlvs);
-	dcbx_free_manifest(tlvs->manifest);
+	clear_dcbx_manifest(tlvs);
 	free(tlvs);
 }
 
-void clear_dcbx_manifest(struct dcbx_tlvs *dcbx)
+static void clear_dcbx_manifest(struct dcbx_tlvs *dcbx)
 {
-	if (!dcbx)
+	if (!dcbx || !dcbx->manifest)
 		return;
 
 	if (dcbx->manifest->dcbx_llink)
@@ -694,6 +676,7 @@
 	 * present
 	 */
 	if (tlv->type == TYPE_1) {
+		clear_dcbx_manifest(dcbx);
 		manifest = malloc(sizeof(*manifest));
 		if (!manifest) {
 			LLDPAD_INFO("failed malloc for manifest\n");
@@ -730,20 +713,21 @@
 		 * However, capture if any legacy DCBX TLVs are recieved.
 		*/
 		if (tlv->info[DCB_OUI_LEN] == DCBX_SUBTYPE2) {
-			if (dcbx->dcbx_st == DCBX_SUBTYPE2)
-				dcbx->manifest->dcbx2 = tlv;
 			agent->lldpdu |= RCVD_LLDP_DCBX2_TLV;
 			dcbx->rxed_tlvs = true;
-			return TLV_OK;
+			if (dcbx->dcbx_st == DCBX_SUBTYPE2) {
+				dcbx->manifest->dcbx2 = tlv;
+				return TLV_OK;
+			}
 		} else if (tlv->info[DCB_OUI_LEN] == DCBX_SUBTYPE1) {
-			if (dcbx->dcbx_st == DCBX_SUBTYPE1)
-				dcbx->manifest->dcbx1 = tlv;
 			agent->lldpdu |= RCVD_LLDP_DCBX1_TLV;
 			dcbx->rxed_tlvs = true;
-			return TLV_OK;
-		} else {
-			return SUBTYPE_INVALID;
+			if (dcbx->dcbx_st == DCBX_SUBTYPE1) {
+				dcbx->manifest->dcbx1 = tlv;
+				return TLV_OK;
+			}
 		}
+		return SUBTYPE_INVALID;
 	}
 
 	if (tlv->type == TYPE_0) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/open-lldp-v1.1+58.8ca361bab766/weak_readline.c new/open-lldp-v1.1+77.75e83b6fb98e/weak_readline.c
--- old/open-lldp-v1.1+58.8ca361bab766/weak_readline.c	2022-10-26 20:56:09.000000000 +0200
+++ new/open-lldp-v1.1+77.75e83b6fb98e/weak_readline.c	2023-10-27 21:11:44.000000000 +0200
@@ -80,10 +80,14 @@
 void close_history(void)
 {
 	if (inited) {
-		dlclose(rl_handle);
-		rl_handle = NULL;
-		dlclose(hist_handle);
-		hist_handle = NULL;
+                if (rl_handle) {
+                        dlclose(rl_handle);
+                        rl_handle = NULL;
+                }
+                if (hist_handle) {
+                        dlclose(hist_handle);
+                        hist_handle = NULL;
+                }
 	}
 }

    

Source-Sync

tags

participants (1)