summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoy Marples <uberlord@gentoo.org>2005-12-20 13:43:40 +0000
committerRoy Marples <uberlord@gentoo.org>2005-12-20 13:43:40 +0000
commitec6e0435ffe56beb3fe85534acaefed970ddda68 (patch)
tree90828db5b407cc101aecec90d339ef8f8353f471 /sys-apps/netplug/files
parentStable on sparc wrt security #116006 (diff)
downloadgentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.tar.gz
gentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.tar.bz2
gentoo-2-ec6e0435ffe56beb3fe85534acaefed970ddda68.zip
Added patch to remove nested functions so we don't require an executable
stack, #116140. Thanks to Diego Pettenò (flameeyes@gentoo.org). (Portage version: 2.1_pre1)
Diffstat (limited to 'sys-apps/netplug/files')
-rw-r--r--sys-apps/netplug/files/digest-netplug-1.2.9-r21
-rw-r--r--sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch187
2 files changed, 188 insertions, 0 deletions
diff --git a/sys-apps/netplug/files/digest-netplug-1.2.9-r2 b/sys-apps/netplug/files/digest-netplug-1.2.9-r2
new file mode 100644
index 000000000000..b895ad93b788
--- /dev/null
+++ b/sys-apps/netplug/files/digest-netplug-1.2.9-r2
@@ -0,0 +1 @@
+MD5 3bc8062d8033e3f897b015f2889ce5a9 netplug-1.2.9.tar.bz2 21786
diff --git a/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch
new file mode 100644
index 000000000000..0a3b991a82bf
--- /dev/null
+++ b/sys-apps/netplug/files/netplug-1.2.9-remove-nest.patch
@@ -0,0 +1,187 @@
+This patch replaces the for_each_iface nested funtion with a macro so that we
+don't have an executable stack and work correctly on NX capable hardware.
+See http://www.gentoo.org/proj/en/hardened/gnu-stack.xml for more information.
+
+Patch by Diego Pettenò (flameeyes@gentoo.org)
+
+Index: netplug-1.2.9/if_info.c
+===================================================================
+--- netplug-1.2.9.orig/if_info.c
++++ netplug-1.2.9/if_info.c
+@@ -29,8 +29,7 @@
+
+ #include "netplug.h"
+
+-#define INFOHASHSZ 16 /* must be a power of 2 */
+-static struct if_info *if_info[INFOHASHSZ];
++struct if_info *if_info[INFOHASHSZ];
+
+ static const char *
+ statename(enum ifstate s)
+@@ -95,17 +94,6 @@ flags_str(char *buf, unsigned int fl)
+ return buf;
+ }
+
+-void
+-for_each_iface(int (*func)(struct if_info *))
+-{
+- for(int i = 0; i < INFOHASHSZ; i++) {
+- for(struct if_info *info = if_info[i]; info != NULL; info = info->next) {
+- if ((*func)(info))
+- return;
+- }
+- }
+-}
+-
+ /* Reevaluate the state machine based on the current state and flag settings */
+ void
+ ifsm_flagpoll(struct if_info *info)
+@@ -284,6 +272,14 @@ ifsm_flagchange(struct if_info *info, un
+ info->lastchange = time(0);
+ }
+
++int find_pid(struct if_info *i, pid_t pid, struct if_info **info) {
++ if (i->worker == pid) {
++ *info = i;
++ return 1;
++ }
++ return 0;
++}
++
+ /* handle a script termination and update the state accordingly */
+ void ifsm_scriptdone(pid_t pid, int exitstatus)
+ {
+@@ -291,16 +287,8 @@ void ifsm_scriptdone(pid_t pid, int exit
+ struct if_info *info;
+ assert(WIFEXITED(exitstatus) || WIFSIGNALED(exitstatus));
+
+- int find_pid(struct if_info *i) {
+- if (i->worker == pid) {
+- info = i;
+- return 1;
+- }
+- return 0;
+- }
+-
+ info = NULL;
+- for_each_iface(find_pid);
++ for_each_iface(find_pid, pid, &info);
+
+ if (info == NULL) {
+ do_log(LOG_INFO, "Unexpected child %d exited with status %d",
+Index: netplug-1.2.9/main.c
+===================================================================
+--- netplug-1.2.9.orig/main.c
++++ netplug-1.2.9/main.c
+@@ -164,6 +164,23 @@ child_handler(int sig, siginfo_t *info,
+ write(child_handler_pipe[1], &ce, sizeof(ce));
+ }
+
++int pollflags_state(struct if_info *info, int sockfd) {
++ struct ifreq ifr;
++
++ if (!if_match(info->name))
++ return 0;
++
++ memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name));
++ if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0)
++ do_log(LOG_ERR, "%s: can't get flags: %m", info->name);
++ else {
++ ifsm_flagchange(info, ifr.ifr_flags);
++ ifsm_flagpoll(info);
++ }
++
++ return 0;
++}
++
+ /* Poll the existing interface state, so we can catch any state
+ changes for which we may not have neen a netlink message. */
+ static void
+@@ -180,28 +197,20 @@ poll_interfaces(void)
+ close_on_exec(sockfd);
+ }
+
+- int pollflags(struct if_info *info) {
+- struct ifreq ifr;
+-
+- if (!if_match(info->name))
+- return 0;
+-
+- memcpy(ifr.ifr_name, info->name, sizeof(ifr.ifr_name));
+- if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0)
+- do_log(LOG_ERR, "%s: can't get flags: %m", info->name);
+- else {
+- ifsm_flagchange(info, ifr.ifr_flags);
+- ifsm_flagpoll(info);
+- }
+-
+- return 0;
+- }
+-
+- for_each_iface(pollflags);
++ for_each_iface(pollflags_state, sockfd);
+ }
+
+ int debug = 0;
+
++/* Run over each of the interfaces we know and care about, and
++ make sure the state machine has done the appropriate thing
++ for their current state. */
++int poll_flags_check(struct if_info *i) {
++ if (if_match(i->name))
++ ifsm_flagpoll(i);
++ return 0;
++}
++
+ int
+ main(int argc, char *argv[])
+ {
+@@ -331,17 +340,7 @@ main(int argc, char *argv[])
+ { child_handler_pipe[0], POLLIN, 0 },
+ };
+
+- {
+- /* Run over each of the interfaces we know and care about, and
+- make sure the state machine has done the appropriate thing
+- for their current state. */
+- int poll_flags(struct if_info *i) {
+- if (if_match(i->name))
+- ifsm_flagpoll(i);
+- return 0;
+- }
+- for_each_iface(poll_flags);
+- }
++ for_each_iface(poll_flags_check);
+
+ for(;;) {
+ int ret;
+Index: netplug-1.2.9/netplug.h
+===================================================================
+--- netplug-1.2.9.orig/netplug.h
++++ netplug-1.2.9/netplug.h
+@@ -28,6 +28,9 @@
+
+ #define NP_SCRIPT NP_SCRIPT_DIR "/netplug"
+
++#define INFOHASHSZ 16 /* must be a power of 2 */
++extern struct if_info *if_info[INFOHASHSZ];
++
+ /* configuration */
+
+ void read_config(char *filename);
+@@ -83,7 +86,14 @@ struct if_info *if_info_update_interface
+ struct rtattr *attrs[]);
+ int if_info_save_interface(struct nlmsghdr *hdr, void *arg);
+ void parse_rtattrs(struct rtattr *tb[], int max, struct rtattr *rta, int len);
+-void for_each_iface(int (*func)(struct if_info *));
++
++#define for_each_iface(func, ...) \
++ for(int i = 0; i < INFOHASHSZ; i++) { \
++ for(struct if_info *each_iface = if_info[i]; each_iface != NULL; each_iface = each_iface->next) { \
++ if (func (each_iface, ##__VA_ARGS__)) \
++ break; \
++ } \
++ }
+
+ void ifsm_flagpoll(struct if_info *info);
+ void ifsm_flagchange(struct if_info *info, unsigned int newflags);