diff --git a/net/mpd5/Makefile b/net/mpd5/Makefile index 1955acfe1817..81fc894b519b 100644 --- a/net/mpd5/Makefile +++ b/net/mpd5/Makefile @@ -1,50 +1,50 @@ # Created by: Archie Cobbs PORTNAME= mpd DISTVERSION= 5.9 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net MASTER_SITES= SF/${PORTNAME}/Mpd5/Mpd-${PORTVERSION} PKGNAMESUFFIX= 5 DIST_SUBDIR= mpd5 MAINTAINER= eugen@FreeBSD.org COMMENT= Multi-link PPP daemon based on netgraph(4) LICENSE= BSD3CLAUSE USES= ssl OPTIONS_DEFINE= DOCS NG_IPACCT NG_IPACCT_DESC= Use ng_ipacct kernel module from port HAS_CONFIGURE= YES CONFIGURE_WRKSRC= "${WRKSRC}/src" .include MAKE_ARGS+= OSVERSION=${OSVERSION} .if ${PORT_OPTIONS:MNG_IPACCT} BUILD_DEPENDS+= ${LOCALBASE}/include/netgraph/ng_ipacct.h:net-mgmt/ng_ipacct .if exists(${KMODDIR}/ng_ipacct.ko) RUN_DEPENDS+= ${KMODDIR}/ng_ipacct.ko:net-mgmt/ng_ipacct .else RUN_DEPENDS+= /boot/modules/ng_ipacct.ko:net-mgmt/ng_ipacct .endif .else CONFIGURE_ENV+= USE_NG_IPACCT=no MAKE_ARGS+= USE_NG_IPACCT=no .endif USE_RC_SUBR= mpd5 CONFSUF= conf secret script DOCSDIR= ${PREFIX}/share/doc/mpd5 PORTDOCS= README mpd* PLIST_FILES= ${CONFSUF:S/^/etc\/mpd5\/mpd./:S/$/.sample/} sbin/mpd5 .if !defined(WITHOUT_MAN) PLIST_FILES+= man/man8/mpd5.8.gz .endif .include diff --git a/net/mpd5/files/patch-pppoe.c b/net/mpd5/files/patch-pppoe.c new file mode 100644 index 000000000000..ccc3e117df6a --- /dev/null +++ b/net/mpd5/files/patch-pppoe.c @@ -0,0 +1,34 @@ +Index: src/pppoe.c +=================================================================== +--- src/pppoe.c (revision 2420) ++++ src/pppoe.c (revision 2423) +@@ -1257,6 +1257,8 @@ PppoeListenEvent(int type, void *arg) + const struct pppoe_hdr *ph; + const struct pppoe_tag *tag; + ++ u_int16_t length; ++ + union { + u_char buf[sizeof(struct ngpppoe_init_data) + MAX_SESSION]; + struct ngpppoe_init_data poeid; +@@ -1288,6 +1290,20 @@ PppoeListenEvent(int type, void *arg) + + wh = (struct pppoe_full_hdr *)response; + ph = &wh->ph; ++ ++ /* Sanity check */ ++ length = ntohs(ph->length); ++ if (length > (size_t)sz - sizeof(struct pppoe_full_hdr)) { ++ Log(LG_PHYS, ("Ignored incoming PPPoE connection request " ++ "via %s for service \"%s\" from %s " ++ "due to bad length %hu > %u", ++ PIf->ifnodepath, session, ++ ether_ntoa((const struct ether_addr *)&wh->eh.ether_shost), ++ length, ++ (unsigned)((size_t)sz - sizeof(struct pppoe_full_hdr)))); ++ return; ++ } ++ + if ((tag = get_tag(ph, PTT_SRV_NAME))) { + size_t len = ntohs(tag->tag_len); + if (len >= sizeof(real_session))