Sophie

Sophie

distrib > Mageia > 3 > i586 > media > core-release-src > by-pkgid > b6023114a88ccac7f19e141071ad8f6c > files > 3

ettercap-0.7.4.1-6.mga3.src.rpm

// ettercap 0.7.5 - 0.7.5.1 buffer overflow patch
// patch -p1 < ec.patch

Index: include/ec.h
--- EC-vulnerable/include/ec.h
+++ EC-fixed/include/ec.h
@@ -81,6 +81,11 @@
 
 #define SAFE_FREE(x) do{ if(x) { free(x); x = NULL; } }while(0)
 
+
+/* convert to string */
+#define EC_STRINGIFY(in) #in
+#define EC_TOSTRING(in) EC_STRINGIFY(in)
+
 #define __init __attribute__ ((constructor))
 
 #ifndef __set_errno
Index: include/ec_inet.h
--- EC-vulnerable/include/ec_inet.h
+++ EC-fixed/include/ec_inet.h
@@ -24,24 +24,22 @@
    #endif
 #endif
 
-enum {
-   NS_IN6ADDRSZ            = 16,
-   NS_INT16SZ              = 2,
+#define	NS_IN6ADDRSZ 16
+#define 	NS_INT16SZ = 2
 
-   ETH_ADDR_LEN            = 6,
-   TR_ADDR_LEN             = 6,
-   FDDI_ADDR_LEN           = 6,
-   MEDIA_ADDR_LEN          = 6,
+#define	ETH_ADDR_LEN 6
+#define	TR_ADDR_LEN 6
+#define	FDDI_ADDR_LEN 6
+#define	MEDIA_ADDR_LEN 6
    
-   IP_ADDR_LEN             = 4,
-   IP6_ADDR_LEN            = 16,
-   MAX_IP_ADDR_LEN         = IP6_ADDR_LEN,
+#define	IP_ADDR_LEN 4
+#define	IP6_ADDR_LEN 16
+#define	MAX_IP_ADDR_LEN IP6_ADDR_LEN
 
-   ETH_ASCII_ADDR_LEN      = sizeof("ff:ff:ff:ff:ff:ff")+1,
-   IP_ASCII_ADDR_LEN       = sizeof("255.255.255.255")+1,
-   IP6_ASCII_ADDR_LEN      = sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")+1,
-   MAX_ASCII_ADDR_LEN      = IP6_ASCII_ADDR_LEN,                  
-};
+#define	ETH_ASCII_ADDR_LEN 19 // sizeof("ff:ff:ff:ff:ff:ff")+1
+#define	IP_ASCII_ADDR_LEN 17 // sizeof("255.255.255.255")+1
+#define	IP6_ASCII_ADDR_LEN 47 // sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")+1
+#define	MAX_ASCII_ADDR_LEN IP6_ASCII_ADDR_LEN
 
 /* 
  * this structure is used by ettercap to handle 
Index: src/ec_scan.c
--- EC-vulnerable/src/ec_scan.c
+++ EC-fixed/src/ec_scan.c
@@ -630,7 +630,7 @@
    /* read the file */
    for (nhosts = 0; !feof(hf); nhosts++) {
 
-      if (fscanf(hf,"%15s %17s %127s\n", ip, mac, name) != 3 ||
+      if (fscanf(hf, "%"EC_TOSTRING(MAX_ASCII_ADDR_LEN)"s %"EC_TOSTRING(ETH_ASCII_ADDR_LEN)"s %"EC_TOSTRING(MAX_HOSTNAME_LEN)"s\n", ip, mac, name) != 3 ||
          *ip == '#' || *mac == '#' || *name == '#')
          continue;
 
// Sajjad Pourali .
// http://www.securation.com/ .

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional