!34 fix Undefine-shift in sldns_str2wire_hip_buf

Merge pull request !34 from jinag12/openEuler-20.03-LTS-SP2
2022-01-26 07:01:45 +00:00 · 2022-01-26 07:01:45 +00:00 · 8c3aecacbd
commit 8c3aecacbd
parent ab451f11be 102e11510a
2 changed files with 53 additions and 5 deletions
--- a/backport-Fix-610-Undefine-shift-in-sldns_str2wire_hip_buf.patch
+++ b/backport-Fix-610-Undefine-shift-in-sldns_str2wire_hip_buf.patch
@ -0,0 +1,42 @@
+From 12a1053dfa9f978d875402456c2c836140e9ad47 Mon Sep 17 00:00:00 2001
+From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
+Date: Tue, 25 Jan 2022 08:57:49 +0100
+Subject: [PATCH] - Fix #610: Undefine-shift in sldns_str2wire_hip_buf.
+
+---
+ sldns/str2wire.c | 4 +++-
+ sldns/str2wire.h | 2 +-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/sldns/str2wire.c b/sldns/str2wire.c
+index 977cda2..bb7aacc 100644
+--- a/sldns/str2wire.c
+++ b/sldns/str2wire.c
+@@ -25,8 +25,10 @@
+ #include <netdb.h>
+ #endif
+ 
+/** bits for the offset */
+#define RET_OFFSET_MASK (((unsigned)(~LDNS_WIREPARSE_MASK))>>LDNS_WIREPARSE_SHIFT)
+ /** return an error */
+-#define RET_ERR(e, off) ((int)((e)|((off)<<LDNS_WIREPARSE_SHIFT)))
+#define RET_ERR(e, off) ((int)(((e)&LDNS_WIREPARSE_MASK)|(((off)&RET_OFFSET_MASK)<<LDNS_WIREPARSE_SHIFT)))
+ /** Move parse error but keep its ID */
+ #define RET_ERR_SHIFT(e, move) RET_ERR(LDNS_WIREPARSE_ERROR(e), LDNS_WIREPARSE_OFFSET(e)+(move));
+ #define LDNS_IP6ADDRLEN      (128/8)
+diff --git a/sldns/str2wire.h b/sldns/str2wire.h
+index 70070e4..2f78c9b 100644
+--- a/sldns/str2wire.h
+++ b/sldns/str2wire.h
+@@ -170,7 +170,7 @@ uint8_t* sldns_wirerr_get_rdatawl(uint8_t* rr, size_t len, size_t dname_len);
+ #define LDNS_WIREPARSE_MASK 0x0fff
+ #define LDNS_WIREPARSE_SHIFT 12
+ #define LDNS_WIREPARSE_ERROR(e) ((e)&LDNS_WIREPARSE_MASK)
+-#define LDNS_WIREPARSE_OFFSET(e) (((e)&~LDNS_WIREPARSE_MASK)>>LDNS_WIREPARSE_SHIFT)
+#define LDNS_WIREPARSE_OFFSET(e) ((((unsigned)(e))&~LDNS_WIREPARSE_MASK)>>LDNS_WIREPARSE_SHIFT)
+ /* use lookuptable to get error string, sldns_wireparse_errors */
+ #define LDNS_WIREPARSE_ERR_OK 0
+ #define LDNS_WIREPARSE_ERR_GENERAL 342
+-- 
+1.8.3.1
+
--- a/unbound.spec
+++ b/unbound.spec
@ -2,7 +2,7 @@

 Name:          unbound
 Version:       1.11.0
-Release:       2
+Release:       3
 Summary:       Unbound is a validating, recursive, caching DNS resolver
 License:       BSD
 Url:           https://nlnetlabs.nl/projects/unbound/about/
@ -23,6 +23,8 @@ Source13:      unbound-anchor.service

 Patch0:        CVE-2020-28935.patch

+Patch6000:     backport-Fix-610-Undefine-shift-in-sldns_str2wire_hip_buf.patch
+
 BuildRequires: make flex swig pkgconfig systemd python-unversioned-command
 BuildRequires: libevent-devel expat-devel openssl-devel python3-devel
 BuildRequires: unbound-libs
@ -68,12 +70,10 @@ Summary: Man pages for unbound
 Package help includes includes man pages for unbound.

 %prep
-
-%setup -qcn %{name}-%{version}
+%autosetup -c -N -n %{name}-%{version}

 pushd %{name}-%{version}
-
-%patch0 -p1
+%autopatch -p1

 cp -pr doc pythonmod libunbound ../
 popd
@ -229,6 +229,12 @@ popd
 %{_mandir}/man*

 %changelog
+* Tue Jan 25 2022 jiangheng<jiangheng12@huawei.com> - 1.11.0-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix Undefine-shift in sldns_str2wire_hip_buf
+
 * Tue Feb 23 2021 zhouyihang <zhouyihang3@huawei.com> - 1.11.0-2
 - Type:CVE
 - ID:NA