* [PR PATCH] busybox: applied CVE-2022-28391 fix patches
@ 2022-08-16 18:58 Sigmw
2022-08-16 19:09 ` [PR PATCH] [Updated] " Sigmw
` (18 more replies)
0 siblings, 19 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 18:58 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1721 bytes --]
There is a new pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: applied CVE-2022-28391 fix patches
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5121 bytes --]
From c3091c3fb10e1a6ec43a1b7e33c9da9e95400194 Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: applied CVE-2022-28391 fix patches
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
2 files changed, 107 insertions(+)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Updated] busybox: applied CVE-2022-28391 fix patches
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
@ 2022-08-16 19:09 ` Sigmw
2022-08-16 19:10 ` [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391 Sigmw
` (17 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 19:09 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1726 bytes --]
There is an updated pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: applied CVE-2022-28391 fix patches
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5131 bytes --]
From e4c98c6a01f8dd84a3173cb88f6109bd2353ae72 Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: revbump and added patches for CVE-2022-28391
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
2 files changed, 107 insertions(+)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
2022-08-16 19:09 ` [PR PATCH] [Updated] " Sigmw
@ 2022-08-16 19:10 ` Sigmw
2022-08-16 19:47 ` Sigmw
` (16 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 19:10 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1738 bytes --]
There is an updated pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: revbump and added patches for CVE-2022-28391
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5575 bytes --]
From cd1e576b3a4908f9e9e8fefe78b3fb55d9d90441 Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: revbump and added patches for CVE-2022-28391
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
srcpkgs/busybox/template | 2 +-
3 files changed, 108 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
diff --git a/srcpkgs/busybox/template b/srcpkgs/busybox/template
index df5262d24c88..7f5f29d2ff60 100644
--- a/srcpkgs/busybox/template
+++ b/srcpkgs/busybox/template
@@ -1,7 +1,7 @@
# Template file for 'busybox'
pkgname=busybox
version=1.34.1
-revision=1
+revision=2
hostmakedepends="perl"
checkdepends="tar which zip"
short_desc="Swiss Army Knife of Embedded Linux"
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
2022-08-16 19:09 ` [PR PATCH] [Updated] " Sigmw
2022-08-16 19:10 ` [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391 Sigmw
@ 2022-08-16 19:47 ` Sigmw
2022-08-16 20:38 ` CameronNemo
` (15 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 19:47 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1738 bytes --]
There is an updated pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: revbump and added patches for CVE-2022-28391
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5799 bytes --]
From 2af0014112791321f21426bfc29a1445855d73bd Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: revbump and added patches for CVE-2022-28391
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
srcpkgs/busybox/template | 4 +-
3 files changed, 109 insertions(+), 2 deletions(-)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
diff --git a/srcpkgs/busybox/template b/srcpkgs/busybox/template
index df5262d24c88..2ed6e8759d30 100644
--- a/srcpkgs/busybox/template
+++ b/srcpkgs/busybox/template
@@ -1,11 +1,11 @@
# Template file for 'busybox'
pkgname=busybox
version=1.34.1
-revision=1
+revision=2
hostmakedepends="perl"
checkdepends="tar which zip"
short_desc="Swiss Army Knife of Embedded Linux"
-maintainer="Cameron Nemo <cnemo@tutanota.com>"
+maintainer="Lucas Roberto <sigmw@protonmail.com>"
license="GPL-2.0-only"
homepage="https://www.busybox.net"
distfiles="${homepage}/downloads/busybox-${version}.tar.bz2"
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (2 preceding siblings ...)
2022-08-16 19:47 ` Sigmw
@ 2022-08-16 20:38 ` CameronNemo
2022-08-16 20:38 ` [PR REVIEW] " CameronNemo
` (14 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-16 20:38 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 207 bytes --]
New comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217136115
Comment:
Typically we don't mention the revbump in the commit message.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR REVIEW] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (3 preceding siblings ...)
2022-08-16 20:38 ` CameronNemo
@ 2022-08-16 20:38 ` CameronNemo
2022-08-16 20:40 ` Sigmw
` (13 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-16 20:38 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 169 bytes --]
New review comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#discussion_r947229527
Comment:
Lol have fun :+1:
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR REVIEW] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (4 preceding siblings ...)
2022-08-16 20:38 ` [PR REVIEW] " CameronNemo
@ 2022-08-16 20:40 ` Sigmw
2022-08-16 20:40 ` Sigmw
` (12 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 20:40 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 216 bytes --]
New review comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#discussion_r947230630
Comment:
Thought this should be changed for the next update, no? If not, sorry.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (5 preceding siblings ...)
2022-08-16 20:40 ` Sigmw
@ 2022-08-16 20:40 ` Sigmw
2022-08-16 21:06 ` [PR REVIEW] " CameronNemo
` (11 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 20:40 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 239 bytes --]
New comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217139587
Comment:
> Typically we don't mention the revbump in the commit message.
So what should be the commit name?
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR REVIEW] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (6 preceding siblings ...)
2022-08-16 20:40 ` Sigmw
@ 2022-08-16 21:06 ` CameronNemo
2022-08-16 21:07 ` CameronNemo
` (10 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-16 21:06 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 257 bytes --]
New review comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#discussion_r947250584
Comment:
Oh generally the maintainer is not removed unless they are inactive or purposefully moving maintainership.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (7 preceding siblings ...)
2022-08-16 21:06 ` [PR REVIEW] " CameronNemo
@ 2022-08-16 21:07 ` CameronNemo
2022-08-16 22:28 ` [PR PATCH] [Updated] " Sigmw
` (9 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-16 21:07 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 239 bytes --]
New comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217166587
Comment:
Also use present tense in the commit message.
So `busybox: add patches for CVE-2022-28391`
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (8 preceding siblings ...)
2022-08-16 21:07 ` CameronNemo
@ 2022-08-16 22:28 ` Sigmw
2022-08-16 22:28 ` Sigmw
` (8 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 22:28 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1738 bytes --]
There is an updated pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: revbump and added patches for CVE-2022-28391
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5575 bytes --]
From c506382364acb9d349f78d166c2f1ddd051709c3 Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: revbump and added patches for CVE-2022-28391
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
srcpkgs/busybox/template | 2 +-
3 files changed, 108 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
diff --git a/srcpkgs/busybox/template b/srcpkgs/busybox/template
index df5262d24c88..7f5f29d2ff60 100644
--- a/srcpkgs/busybox/template
+++ b/srcpkgs/busybox/template
@@ -1,7 +1,7 @@
# Template file for 'busybox'
pkgname=busybox
version=1.34.1
-revision=1
+revision=2
hostmakedepends="perl"
checkdepends="tar which zip"
short_desc="Swiss Army Knife of Embedded Linux"
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (9 preceding siblings ...)
2022-08-16 22:28 ` [PR PATCH] [Updated] " Sigmw
@ 2022-08-16 22:28 ` Sigmw
2022-08-16 22:29 ` [PR REVIEW] " Sigmw
` (7 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 22:28 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1738 bytes --]
There is an updated pull request by Sigmw against master on the void-packages repository
https://github.com/Sigmw/void-packages busybox
https://github.com/void-linux/void-packages/pull/38722
busybox: revbump and added patches for CVE-2022-28391
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
A patch file from https://github.com/void-linux/void-packages/pull/38722.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-busybox-38722.patch --]
[-- Type: text/x-diff, Size: 5561 bytes --]
From 3f6fee72d2d085e7e7676e18ec818383f442d1b7 Mon Sep 17 00:00:00 2001
From: Lucas Roberto <sigmw@protonmail.com>
Date: Tue, 16 Aug 2022 15:55:21 -0300
Subject: [PATCH] busybox: add patches for CVE-2022-28391
---
...tr-ensure-only-printable-characters-.patch | 40 +++++++++++
...e-all-printed-strings-with-printable.patch | 67 +++++++++++++++++++
srcpkgs/busybox/template | 2 +-
3 files changed, 108 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
create mode 100644 srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
diff --git a/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
new file mode 100644
index 000000000000..1d1716e3b0c1
--- /dev/null
+++ b/srcpkgs/busybox/patches/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,40 @@
+From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
+ returned for the hostname part
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ libbb/xconnect.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index 0e0b247b8..02c061e67 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ );
+ if (rc)
+ return NULL;
++ /* ensure host contains only printable characters */
+ if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+ #if ENABLE_FEATURE_IPV6
+ if (sa->sa_family == AF_INET6) {
+ if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+ #endif
+ /* For now we don't support anything else, so it has to be INET */
+ /*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+ /*return xstrdup(host);*/
+ }
+
+--
+2.35.1
+
diff --git a/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
new file mode 100644
index 000000000000..475850964a0f
--- /dev/null
+++ b/srcpkgs/busybox/patches/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -0,0 +1,67 @@
+From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:16:45 +0000
+Subject: [PATCH 2/2] nslookup: sanitize all printed strings with
+ printable_string
+
+Otherwise, terminal sequences can be injected, which enables various terminal injection
+attacks from DNS results.
+
+CVE: Pending
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ networking/nslookup.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/networking/nslookup.c b/networking/nslookup.c
+index 6da97baf4..4bdcde1b8 100644
+--- a/networking/nslookup.c
++++ b/networking/nslookup.c
+@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Unable to uncompress domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf(format, ns_rr_name(rr), dname);
++ printf(format, ns_rr_name(rr), printable_string(dname));
+ break;
+
+ case ns_t_mx:
+@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ //printf("Cannot uncompress MX domain: %s\n", strerror(errno));
+ return -1;
+ }
+- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname));
+ break;
+
+ case ns_t_txt:
+@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ if (n > 0) {
+ memset(dname, 0, sizeof(dname));
+ memcpy(dname, ns_rr_rdata(rr) + 1, n);
+- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname));
+ }
+ break;
+
+@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ }
+
+ printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr),
+- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname);
++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname));
+ break;
+
+ case ns_t_soa:
+@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len)
+ return -1;
+ }
+
+- printf("\tmail addr = %s\n", dname);
++ printf("\tmail addr = %s\n", printable_string(dname));
+ cp += n;
+
+ printf("\tserial = %lu\n", ns_get32(cp));
+--
+2.35.1
diff --git a/srcpkgs/busybox/template b/srcpkgs/busybox/template
index df5262d24c88..7f5f29d2ff60 100644
--- a/srcpkgs/busybox/template
+++ b/srcpkgs/busybox/template
@@ -1,7 +1,7 @@
# Template file for 'busybox'
pkgname=busybox
version=1.34.1
-revision=1
+revision=2
hostmakedepends="perl"
checkdepends="tar which zip"
short_desc="Swiss Army Knife of Embedded Linux"
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR REVIEW] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (10 preceding siblings ...)
2022-08-16 22:28 ` Sigmw
@ 2022-08-16 22:29 ` Sigmw
2022-08-16 22:29 ` Sigmw
` (6 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 22:29 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 192 bytes --]
New review comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#discussion_r947300053
Comment:
If you want i can keep my name 👀 👀 👀
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR REVIEW] busybox: revbump and added patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (11 preceding siblings ...)
2022-08-16 22:29 ` [PR REVIEW] " Sigmw
@ 2022-08-16 22:29 ` Sigmw
2022-08-16 22:49 ` busybox: add " CameronNemo
` (5 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 22:29 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 178 bytes --]
New review comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#discussion_r947300176
Comment:
Just kidding! I reverted. (👀 )
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (12 preceding siblings ...)
2022-08-16 22:29 ` Sigmw
@ 2022-08-16 22:49 ` CameronNemo
2022-08-16 23:24 ` [PR PATCH] [Closed]: " Sigmw
` (4 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-16 22:49 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 150 bytes --]
New comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217247711
Comment:
LGTM
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (14 preceding siblings ...)
2022-08-16 23:24 ` [PR PATCH] [Closed]: " Sigmw
@ 2022-08-16 23:24 ` Sigmw
2022-08-16 23:25 ` Sigmw
` (2 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 23:24 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 186 bytes --]
New comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217268420
Comment:
> LGTM
So.... You need to accept the review
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Closed]: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (13 preceding siblings ...)
2022-08-16 22:49 ` busybox: add " CameronNemo
@ 2022-08-16 23:24 ` Sigmw
2022-08-16 23:24 ` Sigmw
` (3 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 23:24 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1571 bytes --]
There's a closed pull request on the void-packages repository
busybox: add patches for CVE-2022-28391
https://github.com/void-linux/void-packages/pull/38722
Description:
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (15 preceding siblings ...)
2022-08-16 23:24 ` Sigmw
@ 2022-08-16 23:25 ` Sigmw
2022-08-17 0:45 ` CameronNemo
2022-08-18 3:27 ` [PR PATCH] [Merged]: " classabbyamp
18 siblings, 0 replies; 20+ messages in thread
From: Sigmw @ 2022-08-16 23:25 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 169 bytes --]
New comment by Sigmw on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217268792
Comment:
LOL, i closed unintentionally
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (16 preceding siblings ...)
2022-08-16 23:25 ` Sigmw
@ 2022-08-17 0:45 ` CameronNemo
2022-08-18 3:27 ` [PR PATCH] [Merged]: " classabbyamp
18 siblings, 0 replies; 20+ messages in thread
From: CameronNemo @ 2022-08-17 0:45 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 286 bytes --]
New comment by CameronNemo on void-packages repository
https://github.com/void-linux/void-packages/pull/38722#issuecomment-1217313837
Comment:
I am not a committer of Void, so I cannot accept/merge it in the GitHub UI. My comment/approval could help inform people who can merge this.
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [PR PATCH] [Merged]: busybox: add patches for CVE-2022-28391
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
` (17 preceding siblings ...)
2022-08-17 0:45 ` CameronNemo
@ 2022-08-18 3:27 ` classabbyamp
18 siblings, 0 replies; 20+ messages in thread
From: classabbyamp @ 2022-08-18 3:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1571 bytes --]
There's a merged pull request on the void-packages repository
busybox: add patches for CVE-2022-28391
https://github.com/void-linux/void-packages/pull/38722
Description:
<!-- Uncomment relevant sections and delete options which are not applicable -->
#### Testing the changes
- I tested the changes in this PR: **YES**
- This two patches are not upstream, made by Alpine Linux Team, but they are reported in https://bugs.busybox.net/show_bug.cgi?id=14811
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
- Source: https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
- Check CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28391
<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->
<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- aarch64-musl
- armv7l
- armv6l-musl
-->
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2022-08-18 3:27 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-16 18:58 [PR PATCH] busybox: applied CVE-2022-28391 fix patches Sigmw
2022-08-16 19:09 ` [PR PATCH] [Updated] " Sigmw
2022-08-16 19:10 ` [PR PATCH] [Updated] busybox: revbump and added patches for CVE-2022-28391 Sigmw
2022-08-16 19:47 ` Sigmw
2022-08-16 20:38 ` CameronNemo
2022-08-16 20:38 ` [PR REVIEW] " CameronNemo
2022-08-16 20:40 ` Sigmw
2022-08-16 20:40 ` Sigmw
2022-08-16 21:06 ` [PR REVIEW] " CameronNemo
2022-08-16 21:07 ` CameronNemo
2022-08-16 22:28 ` [PR PATCH] [Updated] " Sigmw
2022-08-16 22:28 ` Sigmw
2022-08-16 22:29 ` [PR REVIEW] " Sigmw
2022-08-16 22:29 ` Sigmw
2022-08-16 22:49 ` busybox: add " CameronNemo
2022-08-16 23:24 ` [PR PATCH] [Closed]: " Sigmw
2022-08-16 23:24 ` Sigmw
2022-08-16 23:25 ` Sigmw
2022-08-17 0:45 ` CameronNemo
2022-08-18 3:27 ` [PR PATCH] [Merged]: " classabbyamp
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).