Discussion:
[PATCH] busybox: update to version 1.28.1
(too old to reply)
Daniel Golle
2018-03-27 16:42:52 UTC
Permalink
Addresses CVE-2017-15873 and CVE-2017-15874.
Patch 600-cve-2017-16544.patch replaced by upstream fix.
Some smaller changes mostly related to the elimination of
getops's opt_complementary were needed for other patches.

Signed-off-by: Daniel Golle <***@makrotopia.org>
---
package/utils/busybox/Makefile | 6 ++--
.../busybox/patches/200-udhcpc_reduce_msgs.patch | 4 +--
.../patches/201-udhcpc_changed_ifindex.patch | 2 +-
.../patches/203-udhcpc_renew_no_deconfig.patch | 2 +-
.../busybox/patches/230-add_nslookup_lede.patch | 5 ++--
.../utils/busybox/patches/250-date-k-flag.patch | 31 +++++++++----------
.../patches/510-move-passwd-applet-to-bin.patch | 2 +-
.../utils/busybox/patches/600-cve-2017-16544.patch | 35 ----------------------
8 files changed, 26 insertions(+), 61 deletions(-)
delete mode 100644 package/utils/busybox/patches/600-cve-2017-16544.patch

diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile
index 623fbd5896..85ceaa5cd2 100644
--- a/package/utils/busybox/Makefile
+++ b/package/utils/busybox/Makefile
@@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk

PKG_NAME:=busybox
-PKG_VERSION:=1.27.2
-PKG_RELEASE:=3
+PKG_VERSION:=1.28.1
+PKG_RELEASE:=1
PKG_FLAGS:=essential

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.busybox.net/downloads \
http://sources.buildroot.net
-PKG_HASH:=9d4be516b61e6480f156b11eb42577a13529f75d3383850bb75c50c285de63df
+PKG_HASH:=98fe1d3c311156c597cd5cfa7673bb377dc552b6fa20b5d3834579da3b13652e

PKG_BUILD_DEPENDS:=BUSYBOX_USE_LIBRPC:librpc BUSYBOX_CONFIG_PAM:libpam
PKG_BUILD_PARALLEL:=1
diff --git a/package/utils/busybox/patches/200-udhcpc_reduce_msgs.patch b/package/utils/busybox/patches/200-udhcpc_reduce_msgs.patch
index 5f64c19d05..a47c4fcc10 100644
--- a/package/utils/busybox/patches/200-udhcpc_reduce_msgs.patch
+++ b/package/utils/busybox/patches/200-udhcpc_reduce_msgs.patch
@@ -1,6 +1,6 @@
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
-@@ -706,6 +706,7 @@ static int bcast_or_ucast(struct dhcp_pa
+@@ -711,6 +711,7 @@ static int bcast_or_ucast(struct dhcp_pa
static NOINLINE int send_discover(uint32_t xid, uint32_t requested)
{
struct dhcp_packet packet;
@@ -8,7 +8,7 @@

/* Fill in: op, htype, hlen, cookie, chaddr fields,
* random xid field (we override it below),
-@@ -723,6 +724,7 @@ static NOINLINE int send_discover(uint32
+@@ -728,6 +729,7 @@ static NOINLINE int send_discover(uint32
*/
add_client_options(&packet);

diff --git a/package/utils/busybox/patches/201-udhcpc_changed_ifindex.patch b/package/utils/busybox/patches/201-udhcpc_changed_ifindex.patch
index 727f69409c..51b15a73cc 100644
--- a/package/utils/busybox/patches/201-udhcpc_changed_ifindex.patch
+++ b/package/utils/busybox/patches/201-udhcpc_changed_ifindex.patch
@@ -1,6 +1,6 @@
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
-@@ -1442,6 +1442,12 @@ int udhcpc_main(int argc UNUSED_PARAM, c
+@@ -1417,6 +1417,12 @@ int udhcpc_main(int argc UNUSED_PARAM, c
/* silence "uninitialized!" warning */
unsigned timestamp_before_wait = timestamp_before_wait;

diff --git a/package/utils/busybox/patches/203-udhcpc_renew_no_deconfig.patch b/package/utils/busybox/patches/203-udhcpc_renew_no_deconfig.patch
index 7b77d2970b..f8e6640389 100644
--- a/package/utils/busybox/patches/203-udhcpc_renew_no_deconfig.patch
+++ b/package/utils/busybox/patches/203-udhcpc_renew_no_deconfig.patch
@@ -1,6 +1,6 @@
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
-@@ -1112,7 +1112,6 @@ static void perform_renew(void)
+@@ -1124,7 +1124,6 @@ static void perform_renew(void)
state = RENEW_REQUESTED;
break;
case RENEW_REQUESTED: /* impatient are we? fine, square 1 */
diff --git a/package/utils/busybox/patches/230-add_nslookup_lede.patch b/package/utils/busybox/patches/230-add_nslookup_lede.patch
index 14c0e87b33..acfc788d19 100644
--- a/package/utils/busybox/patches/230-add_nslookup_lede.patch
+++ b/package/utils/busybox/patches/230-add_nslookup_lede.patch
@@ -34,7 +34,7 @@ Signed-off-by: Jo-Philipp Wich <***@mein.io>
# However, on *other platforms* it fails when some of those flags
--- /dev/null
+++ b/networking/nslookup_lede.c
-@@ -0,0 +1,915 @@
+@@ -0,0 +1,914 @@
+/*
+ * nslookup_lede - musl compatible replacement for busybox nslookup
+ *
@@ -782,8 +782,7 @@ Signed-off-by: Jo-Philipp Wich <***@mein.io>
+ applet_long_options = nslookup_longopts;
+#endif
+
-+ opt_complementary = "q::";
-+ opts = getopt32(argv, "+q:*p:+r:+t:+s",
++ opts = getopt32(argv, "+q:*p:+r:+t:+s" "\0" "q::",
+ &type_strings, &default_port,
+ &default_retry, &default_timeout);
+
diff --git a/package/utils/busybox/patches/250-date-k-flag.patch b/package/utils/busybox/patches/250-date-k-flag.patch
index 476440f62a..3a85312e2f 100644
--- a/package/utils/busybox/patches/250-date-k-flag.patch
+++ b/package/utils/busybox/patches/250-date-k-flag.patch
@@ -1,6 +1,6 @@
--- a/coreutils/date.c
+++ b/coreutils/date.c
-@@ -122,6 +122,7 @@
+@@ -123,6 +123,7 @@
//usage: IF_FEATURE_DATE_ISOFMT(
//usage: "\n -D FMT Use FMT for -d TIME conversion"
//usage: )
@@ -8,7 +8,7 @@
//usage: "\n"
//usage: "\nRecognized TIME formats:"
//usage: "\n hh:mm[:ss]"
-@@ -138,9 +139,8 @@
+@@ -139,9 +140,8 @@

#include "libbb.h"
#include "common_bufsiz.h"
@@ -20,7 +20,7 @@

enum {
OPT_RFC2822 = (1 << 0), /* R */
-@@ -148,8 +148,9 @@ enum {
+@@ -149,8 +149,9 @@ enum {
OPT_UTC = (1 << 2), /* u */
OPT_DATE = (1 << 3), /* d */
OPT_REFERENCE = (1 << 4), /* r */
@@ -31,8 +31,8 @@
+ OPT_HINT = (1 << 7) * ENABLE_FEATURE_DATE_ISOFMT, /* D */
};

- static void maybe_set_utc(int opt)
-@@ -167,12 +168,15 @@ static const char date_longopts[] ALIGN1
+ #if ENABLE_LONG_OPTS
+@@ -162,6 +163,7 @@ static const char date_longopts[] ALIGN1
/* "universal\0" No_argument "u" */
"date\0" Required_argument "d"
"reference\0" Required_argument "r"
@@ -40,6 +40,7 @@
;
#endif

+@@ -181,6 +183,8 @@ static void maybe_set_utc(int opt)
int date_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int date_main(int argc UNUSED_PARAM, char **argv)
{
@@ -48,16 +49,16 @@
struct timespec ts;
struct tm tm_time;
char buf_fmt_dt2str[64];
-@@ -187,7 +191,7 @@ int date_main(int argc UNUSED_PARAM, cha
- opt_complementary = "d--s:s--d"
- IF_FEATURE_DATE_ISOFMT(":R--I:I--R");
- IF_LONG_OPTS(applet_long_options = date_longopts;)
-- opt = getopt32(argv, "Rs:ud:r:"
-+ opt = getopt32(argv, "Rs:ud:r:k"
- IF_FEATURE_DATE_ISOFMT("I::D:"),
- &date_str, &date_str, &filename
- IF_FEATURE_DATE_ISOFMT(, &isofmt_arg, &fmt_str2dt));
-@@ -244,6 +248,31 @@ int date_main(int argc UNUSED_PARAM, cha
+@@ -193,7 +197,7 @@ int date_main(int argc UNUSED_PARAM, cha
+ char *isofmt_arg = NULL;
+
+ opt = getopt32long(argv, "^"
+- "Rs:ud:r:"
++ "Rs:ud:r:k"
+ IF_FEATURE_DATE_ISOFMT("I::D:")
+ "\0"
+ "d--s:s--d"
+@@ -256,6 +260,31 @@ int date_main(int argc UNUSED_PARAM, cha
if (*argv)
bb_show_usage();

diff --git a/package/utils/busybox/patches/510-move-passwd-applet-to-bin.patch b/package/utils/busybox/patches/510-move-passwd-applet-to-bin.patch
index b19d1c9a39..7dc2cd3ff4 100644
--- a/package/utils/busybox/patches/510-move-passwd-applet-to-bin.patch
+++ b/package/utils/busybox/patches/510-move-passwd-applet-to-bin.patch
@@ -1,7 +1,7 @@
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -23,7 +23,7 @@
- //config: With this option passwd will refuse new passwords which are "weak".
+ //config: With this option passwd will refuse new passwords which are "weak".

//applet:/* Needs to be run by root or be suid root - needs to change /etc/{passwd,shadow}: */
-//applet:IF_PASSWD(APPLET(passwd, BB_DIR_USR_BIN, BB_SUID_REQUIRE))
diff --git a/package/utils/busybox/patches/600-cve-2017-16544.patch b/package/utils/busybox/patches/600-cve-2017-16544.patch
deleted file mode 100644
index 3b142bdd64..0000000000
--- a/package/utils/busybox/patches/600-cve-2017-16544.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From c3797d40a1c57352192c6106cc0f435e7d9c11e8 Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <***@googlemail.com>
-Date: Tue, 7 Nov 2017 18:09:29 +0100
-Subject: lineedit: do not tab-complete any strings which have control
- characters
-
-function old new delta
-add_match 41 68 +27
-
-Signed-off-by: Denys Vlasenko <***@googlemail.com>
----
- libbb/lineedit.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
---- a/libbb/lineedit.c
-+++ b/libbb/lineedit.c
-@@ -633,6 +633,18 @@ static void free_tab_completion_data(voi
-
- static void add_match(char *matched)
- {
-+ unsigned char *p = (unsigned char*)matched;
-+ while (*p) {
-+ /* ESC attack fix: drop any string with control chars */
-+ if (*p < ' '
-+ || (!ENABLE_UNICODE_SUPPORT && *p >= 0x7f)
-+ || (ENABLE_UNICODE_SUPPORT && *p == 0x7f)
-+ ) {
-+ free(matched);
-+ return;
-+ }
-+ p++;
-+ }
- matches = xrealloc_vector(matches, 4, num_matches);
- matches[num_matches] = matched;
- num_matches++;
--
2.16.2
Felix Fietkau
2018-03-27 16:49:32 UTC
Permalink
Post by Daniel Golle
Addresses CVE-2017-15873 and CVE-2017-15874.
Patch 600-cve-2017-16544.patch replaced by upstream fix.
Some smaller changes mostly related to the elimination of
getops's opt_complementary were needed for other patches.
Let's use 1.28.2 (which apparently is already tagged).
See https://github.com/openwrt/openwrt/pull/733#issuecomment-376560596

- Felix

Loading...