From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1189762-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 17564138359
	for <garchives@archives.gentoo.org>; Wed, 22 Jul 2020 07:22:28 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 34BC7E086C;
	Wed, 22 Jul 2020 07:22:27 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 16C29E086C
	for <gentoo-commits@lists.gentoo.org>; Wed, 22 Jul 2020 07:22:27 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 7902034F0D1
	for <gentoo-commits@lists.gentoo.org>; Wed, 22 Jul 2020 07:22:25 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 04C289C
	for <gentoo-commits@lists.gentoo.org>; Wed, 22 Jul 2020 07:22:23 +0000 (UTC)
From: "Jeroen Roovers" <jer@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Jeroen Roovers" <jer@gentoo.org>
Message-ID: <1595402537.c02681fcb7839ac1829ec09394334ddbca1b0aea.jer@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-libs/nDPI/files/, net-libs/nDPI/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch net-libs/nDPI/nDPI-3.2-r2.ebuild
X-VCS-Directories: net-libs/nDPI/ net-libs/nDPI/files/
X-VCS-Committer: jer
X-VCS-Committer-Name: Jeroen Roovers
X-VCS-Revision: c02681fcb7839ac1829ec09394334ddbca1b0aea
X-VCS-Branch: master
Date: Wed, 22 Jul 2020 07:22:23 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 6ef041f5-efb1-4479-a5c8-abbe8f89b662
X-Archives-Hash: a5d0ce90f90584551ac603f030da96f7

commit:     c02681fcb7839ac1829ec09394334ddbca1b0aea
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 22 07:21:32 2020 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Wed Jul 22 07:22:17 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c02681fc

net-libs/nDPI: Add fix for oob in kerberos dissector

Package-Manager: Portage-3.0.0, Repoman-2.3.23
Bug: https://bugs.gentoo.org/719084
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 ...PI-3.2-0005-Fix-oob-in-kerberos-dissector.patch | 23 ++++++++
 net-libs/nDPI/nDPI-3.2-r2.ebuild                   | 65 ++++++++++++++++++++++
 2 files changed, 88 insertions(+)

diff --git a/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
new file mode 100644
index 00000000000..cd34875890c
--- /dev/null
+++ b/net-libs/nDPI/files/nDPI-3.2-0005-Fix-oob-in-kerberos-dissector.patch
@@ -0,0 +1,23 @@
+From 6735bb35c65c60a777557c3277546d5801729995 Mon Sep 17 00:00:00 2001
+From: Alfredo Cardigliano <alfredo.cardigliano@gmail.com>
+Date: Tue, 21 Jul 2020 00:46:37 +0200
+Subject: [PATCH] Fix oob in kerberos dissector
+
+---
+ src/lib/protocols/kerberos.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/protocols/kerberos.c b/src/lib/protocols/kerberos.c
+index 2bacbf51..2ed824fa 100644
+--- a/src/lib/protocols/kerberos.c
++++ b/src/lib/protocols/kerberos.c
+@@ -185,7 +185,8 @@ void ndpi_search_kerberos(struct ndpi_detection_module_struct *ndpi_struct,
+ 
+ 	      body_offset = koffsetp + 1 + pad_len;
+ 
+-	      for(i=0; i<10; i++) if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
++              for(i=0; i<10 && body_offset < packet->payload_packet_len; i++)
++                if(packet->payload[body_offset] != 0x05) body_offset++; /* ASN.1 */
+ #ifdef KERBEROS_DEBUG
+ 	      printf("body_offset=%u [%02X %02X] [byte 0 must be 0x05]\n", body_offset, packet->payload[body_offset], packet->payload[body_offset+1]);
+ #endif

diff --git a/net-libs/nDPI/nDPI-3.2-r2.ebuild b/net-libs/nDPI/nDPI-3.2-r2.ebuild
new file mode 100644
index 00000000000..12a23bb316a
--- /dev/null
+++ b/net-libs/nDPI/nDPI-3.2-r2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit autotools multilib
+
+DESCRIPTION="Open Source Deep Packet Inspection Software Toolkit"
+HOMEPAGE="https://www.ntop.org/"
+SRC_URI="https://github.com/ntop/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0/$(ver_cut 1)"
+KEYWORDS="~amd64 ~x86"
+IUSE="static-libs"
+
+DEPEND="
+	dev-libs/json-c:=
+	net-libs/libpcap
+"
+RDEPEND="
+	${DEPEND}
+"
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.2-0000-Check-NULL-strings-in-ndpi_serialize_string_string.patch
+	"${FILESDIR}"/${PN}-3.2-0001-Added-fix-for-serialization-loop.patch
+	"${FILESDIR}"/${PN}-3.2-0002-Refresh-of-ndpi_netbios_name_interpret.patch
+	"${FILESDIR}"/${PN}-3.2-0003-Fixed-invalid-allocation.patch
+	"${FILESDIR}"/${PN}-3.2-0004-Fix-for-serialization-of-strings-where-the-first-element-is-a-zero-le.patch
+	"${FILESDIR}"/${PN}-3.2-0005-Fix-oob-in-kerberos-dissector.patch
+)
+
+src_prepare() {
+	eval $(grep '^NDPI_MAJOR=' autogen.sh)
+	eval $(grep '^NDPI_MINOR=' autogen.sh)
+	eval $(grep '^NDPI_PATCH=' autogen.sh)
+	NDPI_VERSION_SHORT="${NDPI_MAJOR}.${NDPI_MINOR}.${NDPI_PATCH}"
+
+	sed \
+		-e "s/@NDPI_MAJOR@/${NDPI_MAJOR}/g" \
+		-e "s/@NDPI_MINOR@/${NDPI_MINOR}/g" \
+		-e "s/@NDPI_PATCH@/${NDPI_PATCH}/g" \
+		-e "s/@NDPI_VERSION_SHORT@/${NDPI_VERSION_SHORT}/g" \
+		< "${S}/configure.seed" \
+		> "${S}/configure.ac" || die
+
+	sed -i \
+		-e "s%^libdir\s*=\s*\${prefix}/lib\s*$%libdir     = \${prefix}/$(get_libdir)%" \
+		src/lib/Makefile.in || die
+
+	default
+	eautoreconf
+
+	# Taken from autogen.sh (bug #704074):
+	sed -i \
+		-e "s/#define PACKAGE/#define NDPI_PACKAGE/g" \
+		-e "s/#define VERSION/#define NDPI_VERSION/g" \
+		configure || die
+}
+
+src_install() {
+	default
+	if ! use static-libs; then
+		rm "${D}"/usr/$(get_libdir)/lib${PN,,}.a || die
+	fi
+}