diff options
Diffstat (limited to 'package/snort/patches')
9 files changed, 324 insertions, 0 deletions
diff --git a/package/snort/patches/patch-configure b/package/snort/patches/patch-configure new file mode 100644 index 000000000..2f5bfde4e --- /dev/null +++ b/package/snort/patches/patch-configure @@ -0,0 +1,94 @@ +--- snort-2.8.5.2.orig/configure 2009-10-19 23:18:06.000000000 +0200 ++++ snort-2.8.5.2/configure 2010-01-14 20:16:49.000000000 +0100 +@@ -25882,81 +25882,7 @@ _ACEOF + fi + + +-# In case INADDR_NONE is not defined (like on Solaris) +-have_inaddr_none="no" +-{ echo "$as_me:$LINENO: checking for INADDR_NONE" >&5 +-echo $ECHO_N "checking for INADDR_NONE... $ECHO_C" >&6; } +-if test "$cross_compiling" = yes; then +- { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&5 +-echo "$as_me: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&2;} +- { (exit 1); exit 1; }; } +-else +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#include <sys/types.h> +-#include <netinet/in.h> +-#include <arpa/inet.h> +- +-int +-main () +-{ +- +- if (inet_addr("10,5,2") == INADDR_NONE); +- return 0; +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest$ac_exeext +-if { (ac_try="$ac_link" +-case "(($ac_try" in +- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; +- *) ac_try_echo=$ac_try;; +-esac +-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +- (eval "$ac_link") 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && { ac_try='./conftest$ac_exeext' +- { (case "(($ac_try" in +- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; +- *) ac_try_echo=$ac_try;; +-esac +-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +- (eval "$ac_try") 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- have_inaddr_none="yes" +-else +- echo "$as_me: program exited with status $ac_status" >&5 +-echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-( exit $ac_status ) +-have_inaddr_none="no" +-fi +-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +-fi +- +- +-{ echo "$as_me:$LINENO: result: $have_inaddr_none" >&5 +-echo "${ECHO_T}$have_inaddr_none" >&6; } +-if test "x$have_inaddr_none" = "xno"; then +- +-cat >>confdefs.h <<\_ACEOF +-#define INADDR_NONE -1 +-_ACEOF +- +-fi ++have_inaddr_none="yes" + + cat >conftest.$ac_ext <<_ACEOF + /* confdefs.h. */ +@@ -26580,7 +26506,7 @@ fi + # that versions < 0.9 do not accumulate packet statistics whereas >= 0.9 do accumulate. + # This is Linux only. The check is done after pcre because the code below uses pcre. + # It seems Phil Wood's pcap does not accumulate - 0.9x +-pcap_version_check="yes" ++pcap_version_check="no" + if test "x$linux" = "xyes"; then + if test "x$pcap_version_check" = "xyes"; then + { echo "$as_me:$LINENO: checking for libpcap version >= 0.9" >&5 diff --git a/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c b/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c new file mode 100644 index 000000000..f4462c208 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c @@ -0,0 +1,26 @@ +--- snort-2.8.5.2.orig/src/detection-plugins/sp_ip_tos_check.c 2009-05-07 00:28:33.000000000 +0200 ++++ snort-2.8.5.2/src/detection-plugins/sp_ip_tos_check.c 2010-01-19 19:58:18.000000000 +0100 +@@ -191,19 +191,19 @@ void ParseIpTos(char *data, OptTreeNode + ds_ptr->not_flag = 1; + } + +- if(index(data, (int) 'x') == NULL && index(data, (int)'X') == NULL) ++ if(strchr(data, (int) 'x') == NULL && strchr(data, (int)'X') == NULL) + { + ds_ptr->ip_tos = atoi(data); + } + else + { +- if(index(data,(int)'x')) ++ if(strchr(data,(int)'x')) + { +- ds_ptr->ip_tos = (u_char) strtol((index(data, (int)'x')+1), NULL, 16); ++ ds_ptr->ip_tos = (u_char) strtol((strchr(data, (int)'x')+1), NULL, 16); + } + else + { +- ds_ptr->ip_tos = (u_char) strtol((index(data, (int)'X')+1), NULL, 16); ++ ds_ptr->ip_tos = (u_char) strtol((strchr(data, (int)'X')+1), NULL, 16); + } + } + diff --git a/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c new file mode 100644 index 000000000..ff3f016da --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c @@ -0,0 +1,47 @@ +--- snort-2.8.5.2.orig/src/detection-plugins/sp_pattern_match.c 2009-08-10 22:41:44.000000000 +0200 ++++ snort-2.8.5.2/src/detection-plugins/sp_pattern_match.c 2010-01-19 19:58:58.000000000 +0100 +@@ -831,7 +831,7 @@ void PayloadSearchListInit(char *data, O + data++; + + /* grab everything between the starting " and the end one */ +- sptr = index(data, '"'); ++ sptr = strchr(data, '"'); + eptr = strrchr(data, '"'); + + if(sptr != NULL && eptr != NULL) +@@ -862,21 +862,21 @@ static char *PayloadExtractParameter(cha + char *quote_one = NULL, *quote_two = NULL; + char *comma = NULL; + +- quote_one = index(data, '"'); ++ quote_one = strchr(data, '"'); + if (quote_one) + { +- quote_two = index(quote_one+1, '"'); ++ quote_two = strchr(quote_one+1, '"'); + while ( quote_two && quote_two[-1] == '\\' ) +- quote_two = index(quote_two+1, '"'); ++ quote_two = strchr(quote_two+1, '"'); + } + + if (quote_one && quote_two) + { +- comma = index(quote_two, ','); ++ comma = strchr(quote_two, ','); + } + else if (!quote_one) + { +- comma = index(data, ','); ++ comma = strchr(data, ','); + } + + if (comma) +@@ -2035,7 +2035,7 @@ void ParsePattern(char *rule, OptTreeNod + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr != rule) + { diff --git a/package/snort/patches/patch-src_detection-plugins_sp_replace_c b/package/snort/patches/patch-src_detection-plugins_sp_replace_c new file mode 100644 index 000000000..e532b2ac1 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_replace_c @@ -0,0 +1,11 @@ +--- snort-2.8.5.2.orig/src/detection-plugins/sp_replace.c 2009-07-07 17:37:04.000000000 +0200 ++++ snort-2.8.5.2/src/detection-plugins/sp_replace.c 2010-01-19 20:21:14.000000000 +0100 +@@ -122,7 +122,7 @@ static PatternMatchData * Replace_Parse( + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr == NULL) + { diff --git a/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c b/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c new file mode 100644 index 000000000..c1df26aad --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c @@ -0,0 +1,26 @@ +--- snort-2.8.5.2.orig/src/detection-plugins/sp_tcp_win_check.c 2009-05-07 00:28:39.000000000 +0200 ++++ snort-2.8.5.2/src/detection-plugins/sp_tcp_win_check.c 2010-01-19 20:06:29.000000000 +0100 +@@ -196,19 +196,19 @@ void ParseTcpWin(char *data, OptTreeNode + ds_ptr->not_flag = 1; + } + +- if(index(data, (int) 'x') == NULL && index(data, (int)'X') == NULL) ++ if(strchr(data, (int) 'x') == NULL && strchr(data, (int)'X') == NULL) + { + win_size = atoi(data); + } + else + { +- if(index(data,(int)'x')) ++ if(strchr(data,(int)'x')) + { +- win_size = (uint16_t) strtol((index(data, (int)'x')+1), NULL, 16); ++ win_size = (uint16_t) strtol((strchr(data, (int)'x')+1), NULL, 16); + } + else + { +- win_size = (uint16_t) strtol((index(data, (int)'X')+1), NULL, 16); ++ win_size = (uint16_t) strtol((strchr(data, (int)'X')+1), NULL, 16); + } + } + diff --git a/package/snort/patches/patch-src_log_c b/package/snort/patches/patch-src_log_c new file mode 100644 index 000000000..5f59a4ed0 --- /dev/null +++ b/package/snort/patches/patch-src_log_c @@ -0,0 +1,38 @@ +--- snort-2.8.5.2.orig/src/log.c 2009-10-19 17:48:42.000000000 +0200 ++++ snort-2.8.5.2/src/log.c 2010-01-19 20:01:42.000000000 +0100 +@@ -916,7 +916,7 @@ void PrintArpHeader(FILE * fp, Packet * + switch(ntohs(p->ah->ea_hdr.ar_op)) + { + case ARPOP_REQUEST: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + fprintf(fp, "ARP who-has %s", inet_ntoa(ip_addr)); + + if(memcmp((char *) ezero, (char *) p->ah->arp_tha, 6) != 0) +@@ -925,7 +925,7 @@ void PrintArpHeader(FILE * fp, Packet * + p->ah->arp_tha[1], p->ah->arp_tha[2], p->ah->arp_tha[3], + p->ah->arp_tha[4], p->ah->arp_tha[5]); + } +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + + fprintf(fp, " tell %s", inet_ntoa(ip_addr)); + +@@ -938,7 +938,7 @@ void PrintArpHeader(FILE * fp, Packet * + break; + + case ARPOP_REPLY: +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + fprintf(fp, "ARP reply %s", inet_ntoa(ip_addr)); + + /* print out the originating request if we're on a weirder +@@ -971,7 +971,7 @@ void PrintArpHeader(FILE * fp, Packet * + break; + + case ARPOP_RREPLY: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + fprintf(fp, "RARP reply %X:%X:%X:%X:%X:%X at %s", + p->ah->arp_tha[0], p->ah->arp_tha[1], p->ah->arp_tha[2], + p->ah->arp_tha[3], p->ah->arp_tha[4], p->ah->arp_tha[5], diff --git a/package/snort/patches/patch-src_log_text_c b/package/snort/patches/patch-src_log_text_c new file mode 100644 index 000000000..033608f9f --- /dev/null +++ b/package/snort/patches/patch-src_log_text_c @@ -0,0 +1,38 @@ +--- snort-2.8.5.2.orig/src/log_text.c 2009-05-07 00:28:15.000000000 +0200 ++++ snort-2.8.5.2/src/log_text.c 2010-01-19 20:00:30.000000000 +0100 +@@ -1604,7 +1604,7 @@ void LogArpHeader(TextLog* log, Packet * + switch(ntohs(p->ah->ea_hdr.ar_op)) + { + case ARPOP_REQUEST: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + TextLog_Print(log, "ARP who-has %s", inet_ntoa(ip_addr)); + + if(memcmp((char *) ezero, (char *) p->ah->arp_tha, 6) != 0) +@@ -1613,7 +1613,7 @@ void LogArpHeader(TextLog* log, Packet * + p->ah->arp_tha[1], p->ah->arp_tha[2], p->ah->arp_tha[3], + p->ah->arp_tha[4], p->ah->arp_tha[5]); + } +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + + TextLog_Print(log, " tell %s", inet_ntoa(ip_addr)); + +@@ -1626,7 +1626,7 @@ void LogArpHeader(TextLog* log, Packet * + break; + + case ARPOP_REPLY: +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + TextLog_Print(log, "ARP reply %s", inet_ntoa(ip_addr)); + + /* print out the originating request if we're on a weirder +@@ -1659,7 +1659,7 @@ void LogArpHeader(TextLog* log, Packet * + break; + + case ARPOP_RREPLY: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + TextLog_Print(log, "RARP reply %X:%X:%X:%X:%X:%X at %s", + p->ah->arp_tha[0], p->ah->arp_tha[1], p->ah->arp_tha[2], + p->ah->arp_tha[3], p->ah->arp_tha[4], p->ah->arp_tha[5], diff --git a/package/snort/patches/patch-src_output-plugins_spo_alert_unixsock_c b/package/snort/patches/patch-src_output-plugins_spo_alert_unixsock_c new file mode 100644 index 000000000..5b07072be --- /dev/null +++ b/package/snort/patches/patch-src_output-plugins_spo_alert_unixsock_c @@ -0,0 +1,28 @@ +--- snort-2.8.5.2.orig/src/output-plugins/spo_alert_unixsock.c 2009-05-07 00:29:12.000000000 +0200 ++++ snort-2.8.5.2/src/output-plugins/spo_alert_unixsock.c 2010-01-19 20:05:44.000000000 +0100 +@@ -179,13 +179,13 @@ void AlertUnixSock(Packet *p, char *msg, + bzero((char *)&alertpkt,sizeof(alertpkt)); + if (event) + { +- bcopy((const void *)event,(void *)&alertpkt.event,sizeof(Event)); ++ memcpy((void *)&alertpkt.event,(const void *)event,sizeof(Event)); + } + + if(p && p->pkt) + { +- bcopy((const void *)p->pkth,(void *)&alertpkt.pkth,sizeof(struct pcap_pkthdr)); +- bcopy((const void *)p->pkt,alertpkt.pkt, ++ memcpy((void *)&alertpkt.pkth,(const void *)p->pkth,sizeof(struct pcap_pkthdr)); ++ memcpy(alertpkt.pkt,(const void *)p->pkt, + alertpkt.pkth.caplen > SNAPLEN? SNAPLEN : alertpkt.pkth.caplen); + } + else +@@ -193,7 +193,7 @@ void AlertUnixSock(Packet *p, char *msg, + + if (msg) + { +- bcopy((const void *)msg,(void *)alertpkt.alertmsg, ++ memcpy((void *)alertpkt.alertmsg,(const void *)msg, + strlen(msg)>ALERTMSG_LENGTH-1 ? ALERTMSG_LENGTH - 1 : strlen(msg)); + } + diff --git a/package/snort/patches/patch-src_parser_IpAddrSet_c b/package/snort/patches/patch-src_parser_IpAddrSet_c new file mode 100644 index 000000000..edb62126d --- /dev/null +++ b/package/snort/patches/patch-src_parser_IpAddrSet_c @@ -0,0 +1,16 @@ +--- snort-2.8.5.2.orig/src/parser/IpAddrSet.c 2009-07-07 17:37:07.000000000 +0200 ++++ snort-2.8.5.2/src/parser/IpAddrSet.c 2010-01-19 20:20:50.000000000 +0100 +@@ -388,11 +388,11 @@ int ParseIP(char *paddr, IpAddrSet *ias, + /* protecting against malicious DNS servers */ + if(host_info->h_length <= (int)sizeof(sin.sin_addr)) + { +- bcopy(host_info->h_addr, (char *) &sin.sin_addr, host_info->h_length); ++ memcpy((char *) &sin.sin_addr, host_info->h_addr, host_info->h_length); + } + else + { +- bcopy(host_info->h_addr, (char *) &sin.sin_addr, sizeof(sin.sin_addr)); ++ memcpy((char *) &sin.sin_addr, host_info->h_addr, sizeof(sin.sin_addr)); + } + } + /* Using h_errno */ |