From ce5688dbbf57be213a7c32363cb8020f470ed9f2 Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Oct 30 2018 04:47:23 +0000
Subject: import nmap-6.40-16.el7
---
diff --git a/SOURCES/nmap-6.40-ncat_default_proxy_port.patch b/SOURCES/nmap-6.40-ncat_default_proxy_port.patch
new file mode 100644
index 0000000..8f3498f
--- /dev/null
+++ b/SOURCES/nmap-6.40-ncat_default_proxy_port.patch
@@ -0,0 +1,71 @@
+diff --git a/ncat/ncat_main.c b/ncat/ncat_main.c
+index fb8745a..82c8acd 100644
+--- a/ncat/ncat_main.c
++++ b/ncat/ncat_main.c
+@@ -261,7 +261,7 @@ int main(int argc, char *argv[])
+ struct host_list_node *allow_host_list = NULL;
+ struct host_list_node *deny_host_list = NULL;
+
+- unsigned short proxyport = DEFAULT_PROXY_PORT;
++ unsigned short proxyport;
+ int srcport = -1;
+ char *source = NULL;
+
+@@ -705,30 +705,33 @@ int main(int argc, char *argv[])
+ }
+
+ if (o.proxyaddr) {
+- if (!o.proxytype)
+- o.proxytype = Strdup("http");
+-
+- if (!strcmp(o.proxytype, "http") ||
+- !strcmp(o.proxytype, "socks4") || !strcmp(o.proxytype, "4") ||
+- !strcmp(o.proxytype, "socks5") || !strcmp(o.proxytype, "5")) {
+- /* Parse HTTP/SOCKS proxy address and store it in targetss.
+- * If the proxy server is given as an IPv6 address (not hostname),
+- * the port number MUST be specified as well or parsing will break
+- * (due to the colons in the IPv6 address and host:port separator).
+- */
+-
+- targetaddrs->addrlen = parseproxy(o.proxyaddr,
+- &targetaddrs->addr.storage, &targetaddrs->addrlen, &proxyport);
+- if (o.af == AF_INET) {
+- targetaddrs->addr.in.sin_port = htons(proxyport);
+- } else { // might modify to else if and test AF_{INET6|UNIX|UNSPEC}
+- targetaddrs->addr.in6.sin6_port = htons(proxyport);
+- }
+- } else {
+- bye("Invalid proxy type \"%s\".", o.proxytype);
+- }
+-
+- if (o.listen)
++ if (!o.proxytype){
++ o.proxytype = Strdup("http");
++ }
++
++ if (!strcmp(o.proxytype, "http")) {
++ proxyport = DEFAULT_PROXY_PORT;
++ } else if (!strcmp(o.proxytype, "socks4") || !strcmp(o.proxytype, "4")){
++ proxyport = DEFAULT_SOCKS4_PORT;
++ } else if (!strcmp(o.proxytype, "socks5") || !strcmp(o.proxytype, "5")) {
++ proxyport = DEFAULT_SOCKS5_PORT;
++ } else {
++ bye("Invalid proxy type \"%s\".", o.proxytype);
++ }
++
++ /* Parse HTTP/SOCKS proxy address and store it in targetss.
++ * If the proxy server is given as an IPv6 address (not hostname),
++ * the port number MUST be specified as well or parsing will break
++ * (due to the colons in the IPv6 address and host:port separator).
++ */
++ targetaddrs->addrlen = parseproxy(o.proxyaddr,
++ &targetaddrs->addr.storage, &targetaddrs->addrlen, &proxyport);
++ if (o.af == AF_INET) {
++ targetaddrs->addr.in.sin_port = htons(proxyport);
++ } else { // might modify to else if and test AF_{INET6|UNIX|UNSPEC}
++ targetaddrs->addr.in6.sin6_port = htons(proxyport);
++ }
++ if (o.listen)
+ bye("Invalid option combination: --proxy and -l.");
+ } else {
+ if (o.proxytype) {
diff --git a/SOURCES/nmap-7.60-udp_remoteaddr.patch b/SOURCES/nmap-7.60-udp_remoteaddr.patch
new file mode 100644
index 0000000..4cfde28
--- /dev/null
+++ b/SOURCES/nmap-7.60-udp_remoteaddr.patch
@@ -0,0 +1,29 @@
+commit e8b73078fd56a4d16ffa9cbb51f43ac75c5f7f1f
+Author: nnposter
+Date: Mon Sep 11 02:33:07 2017 +0000
+
+ Provides more meaningful information about the connecting client when in UDP listening mode. Closes #980
+
+diff --git a/ncat/ncat_listen.c b/ncat/ncat_listen.c
+index b047a5866..20b14b7db 100644
+--- a/ncat/ncat_listen.c
++++ b/ncat/ncat_listen.c
+@@ -898,8 +898,8 @@ static int ncat_listen_dgram(int proto)
+ ncat_log_recv(buf, nbytes);
+ }
+
+- if (o.debug > 1)
+- logdebug("Valid Connection from %d\n", socket_n);
++ if (o.verbose)
++ loguser("Connection from %s.\n", inet_socktop(&remotess));
+
+ conn_inc++;
+
+@@ -917,6 +917,7 @@ static int ncat_listen_dgram(int proto)
+ struct fdinfo info = { 0 };
+
+ info.fd = socket_n;
++ info.remoteaddr = remotess;
+ if (o.keepopen)
+ netrun(&info, o.cmdexec);
+ else
diff --git a/SOURCES/nmap-use_after_free.patch b/SOURCES/nmap-use_after_free.patch
new file mode 100644
index 0000000..bf5d716
--- /dev/null
+++ b/SOURCES/nmap-use_after_free.patch
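Review bot: `proxyport` loses its initializer at the declaration (`unsigned short proxyport;`) and is now assigned only inside the `if (o.proxyaddr)` branch, so any read of it elsewhere in main() would see an indeterminate value; main() continues outside the hunk, so that cannot be ruled out from here. The `else` arm is also only safe if `bye()` never returns, otherwise `parseproxy()` is handed an uninitialized port as its default. Keeping the initializer, `unsigned short proxyport = DEFAULT_PROXY_PORT;`, and overriding it only in the two SOCKS arms yields the same defaults without either dependency. Separately, the moved code still picks `sin_port` versus `sin6_port` from `o.af` rather than from the family `parseproxy()` stored, as the existing `// might modify to else if` comment already hints.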
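Review bot: `info.remoteaddr = remotess;` passes the datagram's sender address on to whatever `netrun()` starts, and for UDP that address is only what the packet claims; presumably `remotess` is filled by the receive call earlier in `ncat_listen_dgram`, which begins outside the hunk. A comment at the assignment would keep later readers and script authors from treating it as a verified peer identity, for example `/* UDP source address: unauthenticated and spoofable, informational only */`. The new `loguser("Connection from %s.\n", ...)` line carries the same caveat, since UDP has no connection and the message reports a datagram's claimed source.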
@@ -0,0 +1,20 @@ +diff --git a/portlist.cc b/portlist.cc +index 48b4794..76908b5 100644 +--- a/portlist.cc ++++ b/portlist.cc +@@ -722,7 +722,6 @@ int PortList::forgetPort(u16 portno, u8 protocol) { + state_counts_proto[protocol][answer->state]--; + state_counts_proto[protocol][default_port_state[protocol].state]++; + +- delete answer; + + port_list[protocol][portno] = NULL; + +@@ -733,6 +732,7 @@ int PortList::forgetPort(u16 portno, u8 protocol) { + log_flush(LOG_STDOUT); + } + ++ delete answer; + return 0; + } + diff --git a/SPECS/nmap.spec b/SPECS/nmap.spec index 6824572..be8978e 100644 --- a/SPECS/nmap.spec +++ b/SPECS/nmap.spec @@ -8,7 +8,7 @@ Version: 6.40 ## https://bugzilla.redhat.com/1460249 %global ncat_version 7.50 #global prerelease %{nil} -Release: 13%{?dist} +Release: 16%{?dist} # nmap is GPLv2 # zenmap is GPLv2 and LGPLv2+ (zenmap/higwidgets) and GPLv2+ (zenmap/radialnet) # libdnet-stripped is BSD (advertising clause rescinded by the Univ. of California in 1999) with some parts as Public Domain (crc32) @@ -58,9 +58,13 @@ Patch10: nmap-6.40-trancated_dns.patch %if "%{ncat_version}" != "%{version}" Patch11: nmap-6.40-ncat_%{ncat_version}.patch Patch12: nmap-6.40-ncat_memleak.patch +Patch15: nmap-6.40-ncat_default_proxy_port.patch %endif Patch13: nmap-6.40-add_eproto_handler.patch Patch14: nmap-6.40-ncat_early_error_reporting.patch +Patch16: nmap-use_after_free.patch +Patch17: nmap-7.60-udp_remoteaddr.patch + URL: http://nmap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -132,6 +136,7 @@ tar -xf %{SOURCE4} # Patch for newer/older ncat %patch11 -p1 -b .ncatrebase %patch12 -p1 -b .memleak +%patch15 -p1 -b .socksport %else # Patches which were accepted upstream and not needed in rebased version %patch8 -p1 -b .logdebug 
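Review bot: The relocated `delete answer;` frees the port on every path only if nothing between `port_list[protocol][portno] = NULL;` and `return 0;` exits early; the lines of `PortList::forgetPort` between the two nested hunks are not visible here, and an early exit there would now leak `answer` because the slot has already been cleared. A one-line comment at the new position, such as `/* freed last: answer must stay valid until after the logging block above */`, would record why the order matters and discourage moving the delete back up (the logging block presumably still reads `answer`, which is what the changelog's Coverity finding suggests). The removal also leaves two consecutive blank lines before the `port_list` assignment, which can be collapsed to one.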
@@ -140,6 +145,8 @@ tar -xf %{SOURCE4} %patch14 -p1 -b .errorreporting %patch13 -p1 -b .eproto +%patch16 -p1 -b .use-after-free +%patch17 -p1 -b .udp_ra #be sure we're not using tarballed copies of some libraries, #we remove them when creating our own tarball, just check they are not present @@ -275,6 +282,16 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/xnmap.1.gz %changelog +* Mon Jun 4 2018 Pavel Zhukov - 2:6.40-16 +- Resolves: #1573411 - Populate ncat env. variables in UDP mode + +* Wed Apr 25 2018 Pavel Zhukov - 2:6.40-15 +- Resolves: #1525105 - Fix use after free error (Coverity) +- Patches renumbered + +* Tue Apr 3 2018 Pavel Zhukov - 2:6.40-14 +- Resolves: #1546246 - Don't use http proxy port for socks proxies + * Wed Nov 8 2017 Pavel Zhukov - 2:6.40-13 - Resolves: #1436402 - nc from nmap ncat crash if ipv6 disabled