Ubuntu
frr package

Merge ~michal-maloszewski99/ubuntu/+source/frr:jammy-resolve-strncmp-warnings into ubuntu/+source/frr:ubuntu/jammy-devel

  1. Git
  2. lp:~michal-maloszewski99/ubuntu/+source/frr
  3. jammy-resolve-strncmp-warnings
  4. Merge into ubuntu/jammy-devel
Proposed by Michał Małoszewski
Status: Work in progress
Proposed branch: ~michal-maloszewski99/ubuntu/+source/frr:jammy-resolve-strncmp-warnings
Merge into: ubuntu/+source/frr:ubuntu/jammy-devel
Diff against target: 71 lines (+49/-0)
3 files modified
debian/changelog (+8/-0)
debian/patches/resolve-strncmp-warnings.patch (+40/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Steve Langasek Pending
Canonical Server Reporter Pending
git-ubuntu import Pending
Review via email: mp+450054@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/?format=plain)
  frr @ amd64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/jammy/amd64/f/frr/20230824_222707_3523c@/log.gz
    24.08.23 22:27:07 ✅ Triggers: frr/8.1-1ubuntu1.5~ppa1
  frr @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/jammy/arm64/f/frr/20230824_223551_9d301@/log.gz
    24.08.23 22:35:51 ✅ Triggers: frr/8.1-1ubuntu1.5~ppa1
  frr @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/jammy/armhf/f/frr/20230825_192045_1c70a@/log.gz
    25.08.23 19:20:45 ✅ Triggers: frr/8.1-1ubuntu1.5~ppa1
  frr @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/jammy/ppc64el/f/frr/20230824_222724_1c236@/log.gz
    24.08.23 22:27:24 ✅ Triggers: frr/8.1-1ubuntu1.5~ppa1
  frr @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-frr-jammy-lp1959896/jammy/s390x/f/frr/20230824_233826_e9c9b@/log.gz
    24.08.23 23:38:26 ✅ Triggers: frr/8.1-1ubuntu1.5~ppa1
Running: (none)
Waiting: (none)

Reply
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Please review.

Reply

Unmerged commits

0cf84e1... by Michał Małoszewski

changelog

e79b2d2... by Michał Małoszewski

* d/p/resolve-strncmp-warnings.patch: Fix the strncmp warning by
  getting rid of the sizeof operator that determines the size of
  the data structure. (LP: #1959896)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index fef9ee7..edec9d4 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,11 @@
6+frr (8.1-1ubuntu1.5) jammy; urgency=medium
7+
8+ * d/p/resolve-strncmp-warnings.patch: Fix the strncmp warning by
9+ getting rid of the sizeof operator that determines the size of
10+ the data structure. (LP: #1959896)
11+
12+ -- Michal Maloszewski <michal.maloszewski@canonical.com> Thu, 24 Aug 2023 13:52:20 +0200
13+
14 frr (8.1-1ubuntu1.4) jammy-security; urgency=medium
15
16 * SECURITY UPDATE: denial of service via bgp_attr_psid_sub()
17diff --git a/debian/patches/resolve-strncmp-warnings.patch b/debian/patches/resolve-strncmp-warnings.patch
18new file mode 100644
19index 0000000..5c122d2
20--- /dev/null
21+++ b/debian/patches/resolve-strncmp-warnings.patch
22@@ -0,0 +1,40 @@
23+From c975f1a5e405f7a74d45519862388cd9ea8ce782 Mon Sep 17 00:00:00 2001
24+From: Quentin Young <qlyoung@nvidia.com>
25+Date: Wed, 2 Feb 2022 16:34:03 -0500
26+Subject: [PATCH] bgpd: strncmp -> strcmp in community hash foo
27+
28+buffers are null terminated
29+
30+Origin: upstream, https://github.com/FRRouting/frr/pull/10485/commits/c975f1a5e405f7a74d45519862388cd9ea8ce782
31+Bug: https://github.com/FRRouting/frr/issues/10484
32+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1959896
33+Last-Update: 2023-08-24
34+---
35+ bgpd/bgp_community_alias.c | 7 ++-----
36+ 1 file changed, 2 insertions(+), 5 deletions(-)
37+
38+diff --git a/bgpd/bgp_community_alias.c b/bgpd/bgp_community_alias.c
39+index 793f3ac9ac1c..2c86efb5a028 100644
40+--- a/bgpd/bgp_community_alias.c
41++++ b/bgpd/bgp_community_alias.c
42+@@ -40,9 +40,7 @@ static bool bgp_ca_community_hash_cmp(const void *p1, const void *p2)
43+ const struct community_alias *ca1 = p1;
44+ const struct community_alias *ca2 = p2;
45+
46+- return (strncmp(ca1->community, ca2->community,
47+- sizeof(struct community_alias))
48+- == 0);
49++ return (strcmp(ca1->community, ca2->community) == 0);
50+ }
51+
52+ static unsigned int bgp_ca_alias_hash_key(const void *p)
53+@@ -57,8 +55,7 @@ static bool bgp_ca_alias_hash_cmp(const void *p1, const void *p2)
54+ const struct community_alias *ca1 = p1;
55+ const struct community_alias *ca2 = p2;
56+
57+- return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
58+- == 0);
59++ return (strcmp(ca1->alias, ca2->alias) == 0);
60+ }
61+
62+ static void *bgp_community_alias_alloc(void *p)
63diff --git a/debian/patches/series b/debian/patches/series
64index 27231b6..bbdbc38 100644
65--- a/debian/patches/series
66+++ b/debian/patches/series
67@@ -6,3 +6,4 @@ disable_isisd_fuzz_test.patch
68 CVE-2022-37032.patch
69 CVE-2022-37035.patch
70 CVE-2023-31490.patch
71+resolve-strncmp-warnings.patch

Subscribers

People subscribed via source and target branches