| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixes #16
Signed-off-by: 5eraph <5eraph@protonmail.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
build-sys: fix NetBSD build regression
See merge request slirp/libslirp!36
|
|
Fixes: 09d410adbff5422b7ba7596bce0ca71f9f807ea9 ("allow custom MTU")
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
We didn't specify any version so far, but the git generated version
requires 0.49:
WARNING: Project specifies a minimum meson_version '>= 0.48' but uses features which were added in newer versions:
* 0.49.0: {'Calling "add_dist_script" with multiple arguments'}
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Teach slirp_version_string() to return vcs version
See merge request slirp/libslirp!34
|
|
Fix mingw scope-id warning
See merge request slirp/libslirp!35
|
|
Meson build will use a vcs-generate version, while Makefile will
always use -git version, since it is only intended for submodule
usage. Eventually can be improved if needed.
Fixes:
https://gitlab.freedesktop.org/slirp/libslirp/issues/17
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Oops, it turns out the variable is there for portability reasons.
This reverts commit d65f3030a82743bf506b0611a6a1a0358ea5d52b.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Release v4.2.0
Closes #15
See merge request slirp/libslirp!33
|
|
Translate fixes
See merge request slirp/libslirp!32
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Currently, any address within the subnetwork will fallback on
loopback. It seems it has always been like that, but it seems wrong,
and I don't see a good reason to keep it this way. Fortunately, lack
of ARP reply made this unusable in practice, so we shouldn't break
much existing users.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Somewhat related to #16, but not as restrictive.
(imho, it should be possible to access any port on the given DNS IP,
not just 53)
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
The value is only set on success.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
use specific outbound IP address
See merge request slirp/libslirp!30
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Fixes #14
Signed-off-by: 5eraph <bcervenka@protonmail.com>
|
|
misc: slirp_fmt*() improvements
See merge request slirp/libslirp!28
|
|
Fix loading of guestfwd state
Unsure how testing usually is done for changes in this project.
I have built qemu with this change and it fixes the bug in my setup (testbed where a system is booted a snapshot is created, and then that snapshot is restored many times to run different tests. Outbound syslog uses a guestfwd to a qemu chardev)
See merge request slirp/libslirp!29
|
|
The refactoring done in commit d181d14b "slirp: use a dedicated field
for chardev pointer" forgot to change one place in slirp_state_load
where 'ex_exec' was used to store the chardev ptr. This broke loading
of saved state.
Later commit 4f38cfb5 "slirp: remove unused EMU_RSH" removed this line
all together, as it now looked like it didn't do anything.
This commit ensures that guestfwd is properly setup on the socket when
loading state.
Signed-off-by: Anders Waldenborg <anders@0x63.nu>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
The GLib impl guarantees GNU compatible format strings, which fixes
the horror of Windows platform format strings.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Various calls to snprintf() assume that snprintf() returns "only" the
number of bytes written (excluding terminating NUL).
https://pubs.opengroup.org/onlinepubs/9699919799/functions/snprintf.html#tag_16_159_04
"Upon successful completion, the snprintf() function shall return the
number of bytes that would be written to s had n been sufficiently
large excluding the terminating null byte."
Before patch ce131029, if there isn't enough room in "m_data" for the
"DCC ..." message, we overflow "m_data".
After the patch, if there isn't enough room for the same, we don't
overflow "m_data", but we set "m_len" out-of-bounds. The next time an
access is bounded by "m_len", we'll have a buffer overflow then.
Use slirp_fmt*() to fix potential OOB memory access.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-7-marcandre.lureau@redhat.com>
|
|
Make it safer to OOB (sb_cc must not go out of sb_data), warn on
truncation, abort on error.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-6-marcandre.lureau@redhat.com>
|
|
Make it OOB-safe, warn on truncation, always \0-end, abort on error.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-5-marcandre.lureau@redhat.com>
|
|
Those are safe and should never fail. Nevertheless, use
slirp_snfillf0() for more safety.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-4-marcandre.lureau@redhat.com>
|
|
Warn if result is truncated, return bytes actually written (excluding \0).
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-3-marcandre.lureau@redhat.com>
|
|
Various calls to snprintf() in libslirp assume that snprintf() returns
"only" the number of bytes written (excluding terminating NUL).
https://pubs.opengroup.org/onlinepubs/9699919799/functions/snprintf.html#tag_16_159_04
"Upon successful completion, the snprintf() function shall return the
number of bytes that would be written to s had n been sufficiently
large excluding the terminating null byte."
Introduce slirp_fmt() that handles several pathological cases the
way libslirp usually expect:
- treat error as fatal (instead of silently returning -1)
- fmt0() will always \0 end
- return the number of bytes actually written (instead of what would
have been written, which would usually result in OOB later), including
the ending \0 for fmt0()
- warn if truncation happened (instead of ignoring)
Other less common cases can still be handled with strcpy/snprintf() etc.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200127092414.169796-2-marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
The current computation is a bit convoluted, and doesn't reflect >0.
What is actually computed is sizeof():
struct tftp_t {
struct udphdr udp;
uint16_t tp_op;
union {
...
char tp_buf[TFTP_BLOCKSIZE_MAX + 2];
} x;
}
- sizeof(struct udphdr) == udp field
- (TFTP_BLOCKSIZE_MAX + 2) == tp_buf field
+ n
What remains is: G_SIZEOF_MEMBER(struct tftp_t, tp_op) + n.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Minor code simplification.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
If the given bootp_filename is too long, it is silently truncated in
bootp.c snprintf().
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
I am (overly?) optimistic this macro will be added to glib:
https://gitlab.gnome.org/GNOME/glib/merge_requests/1333
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
tftp restricts relative or directory path access on Linux systems.
Apply same restrictions on Windows systems too. It helps to avoid
directory traversal issue.
Fixes: https://bugs.launchpad.net/qemu/+bug/1812451
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200113121431.156708-1-ppandit@redhat.com>
|
|
While emulating services in tcp_emu(), it uses 'mbuf' size
'm->m_size' to write commands via snprintf(3). Use M_FREEROOM(m)
size to avoid possible OOB access.
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200109094228.79764-3-ppandit@redhat.com>
|
|
While emulating IRC DCC commands, tcp_emu() uses 'mbuf' size
'm->m_size' to write DCC commands via snprintf(3). This may
lead to OOB write access, because 'bptr' points somewhere in
the middle of 'mbuf' buffer, not at the start. Use M_FREEROOM(m)
size to avoid OOB access.
Reported-by: Vishnu Dev TJ <vishnudevtj@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-Id: <20200109094228.79764-2-ppandit@redhat.com>
|
|
tcp_emu: Fix oob access
See merge request slirp/libslirp!27
|
|
The main loop only checks for one available byte, while we sometimes
need two bytes.
|
|
Add slirp_add_unix()
See merge request slirp/libslirp!26
|
|
Add a new function to forward to a unix socket.
Signed-off-by: Renzo Davoli <renzo@cs.unibo.it>
[ Marc-André - a bunch of cleanups ]
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Renzo Davoli <renzo@cs.unibo.it>
[ Marc-André Lureau - squash & fixup indentation ]
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
'ncsi_calculate_checksum' computes an optional checksum value for
the ncsi response packet by reading the data as series of 2 byte
words. But it receives the data length in number of bytes. Fix the for
loop to run for half the iterations to compute checksum for valid
data bytes and avoid OOB access.
Reported-by: Xingwei Lin <linyi.lxw@antfin.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20191230063934.65562-1-ppandit@redhat.com>
|
