diff options
| author | Waldemar Brodkorb <wbx@openadk.org> | 2009-12-27 23:09:19 +0100 |
|---|---|---|
| committer | Waldemar Brodkorb <wbx@openadk.org> | 2009-12-27 23:09:19 +0100 |
| commit | dd163e09b582177ce54fae44b63b10579ee0746d (patch) | |
| tree | 80f6341bacc9e62a274231157ec35a5b262f5e24 /package/snort | |
| parent | 537a2c4eaa446e52c6ba07007eb9ae75998b5580 (diff) | |
fix make allmodconfig
update several packages, remove snort-wireless.
Diffstat (limited to 'package/snort')
27 files changed, 994 insertions, 9 deletions
diff --git a/package/snort/Makefile b/package/snort/Makefile index 1c9832c53..cc38c43cc 100644 --- a/package/snort/Makefile +++ b/package/snort/Makefile @@ -4,21 +4,23 @@ include ${TOPDIR}/rules.mk PKG_NAME:= snort -PKG_VERSION:= 2.6.1.2 -PKG_RELEASE:= 8 -PKG_BUILDDEP+= libnet libpcap pcre -PKG_MD5SUM:= 22c448e25538cdf74c62abe586aeac0a +PKG_VERSION:= 2.8.5.1 +PKG_RELEASE:= 1 +PKG_MD5SUM:= b1abf3a9fa3486720c9a2b5eff920417 PKG_DESCR:= a flexible Network Intrusion Detection System (NIDS) PKG_SECTION:= net +PKG_NOPARALLEL:= 1 PKG_DEPENDS:= libnet libpcap pcre -PKG_SITES:= http://www.snort.org/dl/current/ +PKG_BUILDDEP+= libnet libpcap pcre +PKG_URL:= http://www.snort.org/ +PKG_SITES:= http://dl.snort.org/snort-current/ include ${TOPDIR}/mk/package.mk $(eval $(call PKG_template,SNORT,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) -CONFIGURE_STYLE= gnu -CONFIGURE_ARGS+= --enable-flexresp \ +CONFIGURE_STYLE:= gnu +CONFIGURE_ARGS+= --disable-flexresp \ --with-libnet-includes="${STAGING_DIR}/usr/include" \ --with-libnet-libraries="${STAGING_DIR}/usr/lib" \ --with-libpcap-includes="${STAGING_DIR}/usr/include" \ @@ -28,8 +30,8 @@ CONFIGURE_ARGS+= --enable-flexresp \ --without-mysql \ --without-postgresql \ --disable-inline -BUILD_STYLE= auto -INSTALL_STYLE= auto +BUILD_STYLE:= auto +INSTALL_STYLE:= auto post-install: ${INSTALL_DIR} ${IDIR_SNORT}/usr/bin diff --git a/package/snort/patches/patch-configure b/package/snort/patches/patch-configure new file mode 100644 index 000000000..ddf3d5bba --- /dev/null +++ b/package/snort/patches/patch-configure @@ -0,0 +1,83 @@ +--- snort-2.8.5.1.orig/configure 2009-10-19 23:08:11.000000000 +0200 ++++ snort-2.8.5.1/configure 2009-12-27 15:59:57.000000000 +0100 +@@ -24242,70 +24242,7 @@ _ACEOF + fi + + +-# In case INADDR_NONE is not defined (like on Solaris) +-have_inaddr_none="no" +-echo "$as_me:$LINENO: checking for INADDR_NONE" >&5 +-echo $ECHO_N "checking for INADDR_NONE... $ECHO_C" >&6 +-if test "$cross_compiling" = yes; then +- { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&5 +-echo "$as_me: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&2;} +- { (exit 1); exit 1; }; } +-else +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#include <sys/types.h> +-#include <netinet/in.h> +-#include <arpa/inet.h> +- +-int +-main () +-{ +- +- if (inet_addr("10,5,2") == INADDR_NONE); +- return 0; +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && { ac_try='./conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- have_inaddr_none="yes" +-else +- echo "$as_me: program exited with status $ac_status" >&5 +-echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-( exit $ac_status ) +-have_inaddr_none="no" +-fi +-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +-fi +-echo "$as_me:$LINENO: result: $have_inaddr_none" >&5 +-echo "${ECHO_T}$have_inaddr_none" >&6 +-if test "x$have_inaddr_none" = "xno"; then +- +-cat >>confdefs.h <<\_ACEOF +-#define INADDR_NONE -1 +-_ACEOF +- +-fi ++have_inaddr_none="yes" + + cat >conftest.$ac_ext <<_ACEOF + /* confdefs.h. */ +@@ -24959,7 +24896,7 @@ fi + # that versions < 0.9 do not accumulate packet statistics whereas >= 0.9 do accumulate. + # This is Linux only. The check is done after pcre because the code below uses pcre. + # It seems Phil Wood's pcap does not accumulate - 0.9x +-pcap_version_check="yes" ++pcap_version_check="no" + if test "x$linux" = "xyes"; then + if test "x$pcap_version_check" = "xyes"; then + echo "$as_me:$LINENO: checking for libpcap version >= 0.9" >&5 diff --git a/package/snort/patches/patch-configure.orig b/package/snort/patches/patch-configure.orig new file mode 100644 index 000000000..c2a99e2ae --- /dev/null +++ b/package/snort/patches/patch-configure.orig @@ -0,0 +1,74 @@ +--- snort-2.8.5.1.orig/configure 2009-10-19 23:08:11.000000000 +0200 ++++ snort-2.8.5.1/configure 2009-12-27 15:47:57.000000000 +0100 +@@ -24242,70 +24242,7 @@ _ACEOF + fi + + +-# In case INADDR_NONE is not defined (like on Solaris) +-have_inaddr_none="no" +-echo "$as_me:$LINENO: checking for INADDR_NONE" >&5 +-echo $ECHO_N "checking for INADDR_NONE... $ECHO_C" >&6 +-if test "$cross_compiling" = yes; then +- { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&5 +-echo "$as_me: error: cannot run test program while cross compiling +-See \`config.log' for more details." >&2;} +- { (exit 1); exit 1; }; } +-else +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#include <sys/types.h> +-#include <netinet/in.h> +-#include <arpa/inet.h> +- +-int +-main () +-{ +- +- if (inet_addr("10,5,2") == INADDR_NONE); +- return 0; +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && { ac_try='./conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- have_inaddr_none="yes" +-else +- echo "$as_me: program exited with status $ac_status" >&5 +-echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-( exit $ac_status ) +-have_inaddr_none="no" +-fi +-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +-fi +-echo "$as_me:$LINENO: result: $have_inaddr_none" >&5 +-echo "${ECHO_T}$have_inaddr_none" >&6 +-if test "x$have_inaddr_none" = "xno"; then +- +-cat >>confdefs.h <<\_ACEOF +-#define INADDR_NONE -1 +-_ACEOF +- +-fi ++have_inaddr_none="yes" + + cat >conftest.$ac_ext <<_ACEOF + /* confdefs.h. */ diff --git a/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c b/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c new file mode 100644 index 000000000..3f755d349 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_ip_tos_check_c @@ -0,0 +1,26 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_ip_tos_check.c 2009-05-07 00:28:33.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_ip_tos_check.c 2009-12-27 16:51:48.000000000 +0100 +@@ -191,19 +191,19 @@ void ParseIpTos(char *data, OptTreeNode + ds_ptr->not_flag = 1; + } + +- if(index(data, (int) 'x') == NULL && index(data, (int)'X') == NULL) ++ if(strchr(data, (int) 'x') == NULL && strchr(data, (int)'X') == NULL) + { + ds_ptr->ip_tos = atoi(data); + } + else + { +- if(index(data,(int)'x')) ++ if(strchr(data,(int)'x')) + { +- ds_ptr->ip_tos = (u_char) strtol((index(data, (int)'x')+1), NULL, 16); ++ ds_ptr->ip_tos = (u_char) strtol((strchr(data, (int)'x')+1), NULL, 16); + } + else + { +- ds_ptr->ip_tos = (u_char) strtol((index(data, (int)'X')+1), NULL, 16); ++ ds_ptr->ip_tos = (u_char) strtol((strchr(data, (int)'X')+1), NULL, 16); + } + } + diff --git a/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c new file mode 100644 index 000000000..6c03a3417 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c @@ -0,0 +1,85 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_pattern_match.c 2009-08-10 22:41:44.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_pattern_match.c 2009-12-27 17:24:45.000000000 +0100 +@@ -831,7 +831,7 @@ void PayloadSearchListInit(char *data, O + data++; + + /* grab everything between the starting " and the end one */ +- sptr = index(data, '"'); ++ sptr = strchr(data, '"'); + eptr = strrchr(data, '"'); + + if(sptr != NULL && eptr != NULL) +@@ -862,21 +862,21 @@ static char *PayloadExtractParameter(cha + char *quote_one = NULL, *quote_two = NULL; + char *comma = NULL; + +- quote_one = index(data, '"'); ++ quote_one = strchr(data, '"'); + if (quote_one) + { +- quote_two = index(quote_one+1, '"'); ++ quote_two = strchr(quote_one+1, '"'); + while ( quote_two && quote_two[-1] == '\\' ) +- quote_two = index(quote_two+1, '"'); ++ quote_two = strchr(quote_two+1, '"'); + } + + if (quote_one && quote_two) + { +- comma = index(quote_two, ','); ++ comma = strchr(quote_two, ','); + } + else if (!quote_one) + { +- comma = index(data, ','); ++ comma = strchr(data, ','); + } + + if (comma) +@@ -2016,7 +2016,7 @@ void ParsePattern(char *rule, OptTreeNod + PatternMatchData *ds_idx; + + /* clear out the temp buffer */ +- bzero(tmp_buf, MAX_PATTERN_SIZE); ++ memset(tmp_buf, 0, MAX_PATTERN_SIZE); + + if(rule == NULL) + { +@@ -2035,7 +2035,7 @@ void ParsePattern(char *rule, OptTreeNod + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr != rule) + { +@@ -2089,7 +2089,7 @@ void ParsePattern(char *rule, OptTreeNod + dummy_end = (dummy_idx + size); + + /* why is this buffer so small? */ +- bzero(hex_buf, 3); ++ memset(hex_buf, 0, 3); + memset(hex_buf, '0', 2); + + /* BEGIN BAD JUJU..... */ +@@ -2204,7 +2204,7 @@ void ParsePattern(char *rule, OptTreeNod + strtol(hex_buf, (char **) NULL, 16)&0xFF; + + dummy_size++; +- bzero(hex_buf, 3); ++ memset(hex_buf, 0, 3); + memset(hex_buf, '0', 2); + } + else +@@ -2759,8 +2759,8 @@ static void ParseContentListFile(char *f + } + + /* clear the line and rule buffers */ +- bzero((char *) buf, STD_BUF); +- bzero((char *) rule_buf, STD_BUF); ++ memset((char *) buf, 0, STD_BUF); ++ memset((char *) rule_buf, 0, STD_BUF); + frazes_count = 0; + + /* loop thru each list_file line and content to the rule */ diff --git a/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c.orig b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c.orig new file mode 100644 index 000000000..a0a9802ad --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_pattern_match_c.orig @@ -0,0 +1,47 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_pattern_match.c 2009-08-10 22:41:44.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_pattern_match.c 2009-12-27 16:06:41.000000000 +0100 +@@ -831,7 +831,7 @@ void PayloadSearchListInit(char *data, O + data++; + + /* grab everything between the starting " and the end one */ +- sptr = index(data, '"'); ++ sptr = strchr(data, '"'); + eptr = strrchr(data, '"'); + + if(sptr != NULL && eptr != NULL) +@@ -862,21 +862,21 @@ static char *PayloadExtractParameter(cha + char *quote_one = NULL, *quote_two = NULL; + char *comma = NULL; + +- quote_one = index(data, '"'); ++ quote_one = strchr(data, '"'); + if (quote_one) + { +- quote_two = index(quote_one+1, '"'); ++ quote_two = strchr(quote_one+1, '"'); + while ( quote_two && quote_two[-1] == '\\' ) +- quote_two = index(quote_two+1, '"'); ++ quote_two = strchr(quote_two+1, '"'); + } + + if (quote_one && quote_two) + { +- comma = index(quote_two, ','); ++ comma = strchr(quote_two, ','); + } + else if (!quote_one) + { +- comma = index(data, ','); ++ comma = strchr(data, ','); + } + + if (comma) +@@ -2035,7 +2035,7 @@ void ParsePattern(char *rule, OptTreeNod + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr != rule) + { diff --git a/package/snort/patches/patch-src_detection-plugins_sp_replace_c b/package/snort/patches/patch-src_detection-plugins_sp_replace_c new file mode 100644 index 000000000..ebf2f0375 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_replace_c @@ -0,0 +1,38 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_replace.c 2009-07-07 17:37:04.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_replace.c 2009-12-27 17:23:47.000000000 +0100 +@@ -111,7 +111,7 @@ static PatternMatchData * Replace_Parse( + file_name, file_line); + } + /* clear out the temp buffer */ +- bzero(tmp_buf, MAX_PATTERN_SIZE); ++ memset(tmp_buf, 0, MAX_PATTERN_SIZE); + + while(isspace((int)*rule)) + rule++; +@@ -122,7 +122,7 @@ static PatternMatchData * Replace_Parse( + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr == NULL) + { +@@ -163,7 +163,7 @@ static PatternMatchData * Replace_Parse( + dummy_end = (dummy_idx + size); + + /* why is this buffer so small? */ +- bzero(hex_buf, 3); ++ memset(hex_buf, 0, 3); + memset(hex_buf, '0', 2); + + /* BEGIN BAD JUJU..... */ +@@ -269,7 +269,7 @@ static PatternMatchData * Replace_Parse( + strtol(hex_buf, (char **) NULL, 16)&0xFF; + + dummy_size++; +- bzero(hex_buf, 3); ++ memset(hex_buf, 0, 3); + memset(hex_buf, '0', 2); + } + else diff --git a/package/snort/patches/patch-src_detection-plugins_sp_replace_c.orig b/package/snort/patches/patch-src_detection-plugins_sp_replace_c.orig new file mode 100644 index 000000000..3e78de505 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_replace_c.orig @@ -0,0 +1,11 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_replace.c 2009-07-07 17:37:04.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_replace.c 2009-12-27 17:14:46.000000000 +0100 +@@ -122,7 +122,7 @@ static PatternMatchData * Replace_Parse( + } + + /* find the start of the data */ +- start_ptr = index(rule, '"'); ++ start_ptr = strchr(rule, '"'); + + if(start_ptr == NULL) + { diff --git a/package/snort/patches/patch-src_detection-plugins_sp_session_c b/package/snort/patches/patch-src_detection-plugins_sp_session_c new file mode 100644 index 000000000..8f874f5ac --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_session_c @@ -0,0 +1,13 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_session.c 2009-08-10 22:41:45.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_session.c 2009-12-27 17:24:07.000000000 +0100 +@@ -378,8 +378,8 @@ FILE *OpenSessionFile(Packet *p) + return NULL; + } + +- bzero((char *)session_file, STD_BUF); +- bzero((char *)log_path, STD_BUF); ++ memset((char *)session_file, 0, STD_BUF); ++ memset((char *)log_path, 0, STD_BUF); + + /* figure out which way this packet is headed in relation to the homenet */ + #ifdef SUP_IP6 diff --git a/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c b/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c new file mode 100644 index 000000000..6433539c7 --- /dev/null +++ b/package/snort/patches/patch-src_detection-plugins_sp_tcp_win_check_c @@ -0,0 +1,26 @@ +--- snort-2.8.5.1.orig/src/detection-plugins/sp_tcp_win_check.c 2009-05-07 00:28:39.000000000 +0200 ++++ snort-2.8.5.1/src/detection-plugins/sp_tcp_win_check.c 2009-12-27 16:11:37.000000000 +0100 +@@ -196,19 +196,19 @@ void ParseTcpWin(char *data, OptTreeNode + ds_ptr->not_flag = 1; + } + +- if(index(data, (int) 'x') == NULL && index(data, (int)'X') == NULL) ++ if(strchr(data, (int) 'x') == NULL && strchr(data, (int)'X') == NULL) + { + win_size = atoi(data); + } + else + { +- if(index(data,(int)'x')) ++ if(strchr(data,(int)'x')) + { +- win_size = (uint16_t) strtol((index(data, (int)'x')+1), NULL, 16); ++ win_size = (uint16_t) strtol((strchr(data, (int)'x')+1), NULL, 16); + } + else + { +- win_size = (uint16_t) strtol((index(data, (int)'X')+1), NULL, 16); ++ win_size = (uint16_t) strtol((strchr(data, (int)'X')+1), NULL, 16); + } + } + diff --git a/package/snort/patches/patch-src_dynamic-preprocessors_dns_spp_dns_c b/package/snort/patches/patch-src_dynamic-preprocessors_dns_spp_dns_c new file mode 100644 index 000000000..c8584410b --- /dev/null +++ b/package/snort/patches/patch-src_dynamic-preprocessors_dns_spp_dns_c @@ -0,0 +1,47 @@ +--- snort-2.8.5.1.orig/src/dynamic-preprocessors/dns/spp_dns.c 2009-10-02 22:29:57.000000000 +0200 ++++ snort-2.8.5.1/src/dynamic-preprocessors/dns/spp_dns.c 2009-12-27 17:17:22.000000000 +0100 +@@ -749,7 +749,7 @@ static uint16_t ParseDNSQuestion(const u + if (dnsSessionData->curr_txt.name_state == DNS_RESP_STATE_NAME_COMPLETE) + { + dnsSessionData->curr_rec_state = DNS_RESP_STATE_Q_TYPE; +- bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); ++ memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); + data = data + bytes_used; + bytes_unused = new_bytes_unused; + +@@ -837,7 +837,7 @@ uint16_t ParseDNSAnswer(const unsigned c + if (dnsSessionData->curr_txt.name_state == DNS_RESP_STATE_NAME_COMPLETE) + { + dnsSessionData->curr_rec_state = DNS_RESP_STATE_RR_TYPE; +- bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); ++ memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); + data = data + bytes_used; + } + bytes_unused = new_bytes_unused; +@@ -1272,7 +1272,7 @@ void ParseDNSResponseMessage(SFSnortPack + if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) + { + /* Reset the state tracking for this record */ +- bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); ++ memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); + } + data = p->payload + (p->payload_size - bytes_unused); + } +@@ -1328,7 +1328,7 @@ void ParseDNSResponseMessage(SFSnortPack + if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) + { + /* Reset the state tracking for this record */ +- bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); ++ memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); + } + data = p->payload + (p->payload_size - bytes_unused); + } +@@ -1384,7 +1384,7 @@ void ParseDNSResponseMessage(SFSnortPack + if (dnsSessionData->curr_rr.type == DNS_RR_TYPE_TXT) + { + /* Reset the state tracking for this record */ +- bzero(&dnsSessionData->curr_txt, sizeof(DNSNameState)); ++ memset(&dnsSessionData->curr_txt, 0, sizeof(DNSNameState)); + } + data = p->payload + (p->payload_size - bytes_unused); + } diff --git a/package/snort/patches/patch-src_inline_c b/package/snort/patches/patch-src_inline_c new file mode 100644 index 000000000..64c7a226f --- /dev/null +++ b/package/snort/patches/patch-src_inline_c @@ -0,0 +1,11 @@ +--- snort-2.8.5.1.orig/src/inline.c 2009-07-07 17:37:01.000000000 +0200 ++++ snort-2.8.5.1/src/inline.c 2009-12-27 17:20:43.000000000 +0100 +@@ -335,7 +335,7 @@ void IpfwLoop(void) + } + + /* Fill in necessary fields */ +- bzero(&sin, sizeof(sin)); ++ memset(&sin, 0, sizeof(sin)); + sin.sin_family = PF_INET; + sin.sin_addr.s_addr = INADDR_ANY; + sin.sin_port = htons(ScDivertPort()); diff --git a/package/snort/patches/patch-src_log_c b/package/snort/patches/patch-src_log_c new file mode 100644 index 000000000..456b6a033 --- /dev/null +++ b/package/snort/patches/patch-src_log_c @@ -0,0 +1,162 @@ +--- snort-2.8.5.1.orig/src/log.c 2009-10-19 17:48:42.000000000 +0200 ++++ snort-2.8.5.1/src/log.c 2009-12-27 17:19:26.000000000 +0100 +@@ -362,7 +362,7 @@ void PrintIPPkt(FILE * fp, int type, Pac + + DEBUG_WRAP(DebugMessage(DEBUG_LOG, "PrintIPPkt type = %d\n", type);); + +- bzero((char *) timestamp, TIMEBUF_SIZE); ++ memset((char *) timestamp, 0, TIMEBUF_SIZE); + ts_print((struct timeval *) & p->pkth->ts, timestamp); + + /* dump the timestamp */ +@@ -863,8 +863,8 @@ void PrintArpHeader(FILE * fp, Packet * + const uint8_t *mac_src = NULL; + const uint8_t *mac_dst = NULL; + +- bzero((struct in_addr *) &ip_addr, sizeof(struct in_addr)); +- bzero((char *) timestamp, TIMEBUF_SIZE); ++ memset((struct in_addr *) &ip_addr, 0, sizeof(struct in_addr)); ++ memset((char *) timestamp, 0, TIMEBUF_SIZE); + ts_print((struct timeval *) & p->pkth->ts, timestamp); + + /* determine what to use as MAC src and dst */ +@@ -916,7 +916,7 @@ void PrintArpHeader(FILE * fp, Packet * + switch(ntohs(p->ah->ea_hdr.ar_op)) + { + case ARPOP_REQUEST: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + fprintf(fp, "ARP who-has %s", inet_ntoa(ip_addr)); + + if(memcmp((char *) ezero, (char *) p->ah->arp_tha, 6) != 0) +@@ -925,7 +925,7 @@ void PrintArpHeader(FILE * fp, Packet * + p->ah->arp_tha[1], p->ah->arp_tha[2], p->ah->arp_tha[3], + p->ah->arp_tha[4], p->ah->arp_tha[5]); + } +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + + fprintf(fp, " tell %s", inet_ntoa(ip_addr)); + +@@ -938,7 +938,7 @@ void PrintArpHeader(FILE * fp, Packet * + break; + + case ARPOP_REPLY: +- bcopy((void *)p->ah->arp_spa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_spa, sizeof(ip_addr)); + fprintf(fp, "ARP reply %s", inet_ntoa(ip_addr)); + + /* print out the originating request if we're on a weirder +@@ -971,7 +971,7 @@ void PrintArpHeader(FILE * fp, Packet * + break; + + case ARPOP_RREPLY: +- bcopy((void *)p->ah->arp_tpa, (void *) &ip_addr, sizeof(ip_addr)); ++ memcpy((void *) &ip_addr, (void *)p->ah->arp_tpa, sizeof(ip_addr)); + fprintf(fp, "RARP reply %X:%X:%X:%X:%X:%X at %s", + p->ah->arp_tha[0], p->ah->arp_tha[1], p->ah->arp_tha[2], + p->ah->arp_tha[3], p->ah->arp_tha[4], p->ah->arp_tha[5], +@@ -1467,7 +1467,7 @@ void PrintICMPEmbeddedIP(FILE *fp, Packe + if (fp == NULL || p == NULL) + return; + +- bzero((char *) &op, sizeof(Packet)); ++ memset((char *) &op, 0, sizeof(Packet)); + orig_p = &op; + + orig_p->iph = p->orig_iph; +@@ -1717,7 +1717,7 @@ void PrintTcpOptions(FILE * fp, Packet * + switch(p->tcp_options[i].code) + { + case TCPOPT_MAXSEG: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + fwrite("MSS: ", 5, 1, fp); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 2); +@@ -1740,11 +1740,11 @@ void PrintTcpOptions(FILE * fp, Packet * + break; + + case TCPOPT_SACK: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data && (p->tcp_options[i].len >= 2)) + memcpy(tmp, p->tcp_options[i].data, 2); + fprintf(fp, "Sack: %u@", EXTRACT_16BITS(tmp)); +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data && (p->tcp_options[i].len >= 4)) + memcpy(tmp, (p->tcp_options[i].data) + 2, 2); + fprintf(fp, "%u ", EXTRACT_16BITS(tmp)); +@@ -1755,46 +1755,46 @@ void PrintTcpOptions(FILE * fp, Packet * + break; + + case TCPOPT_ECHO: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "Echo: %u ", EXTRACT_32BITS(tmp)); + break; + + case TCPOPT_ECHOREPLY: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "Echo Rep: %u ", EXTRACT_32BITS(tmp)); + break; + + case TCPOPT_TIMESTAMP: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "TS: %u ", EXTRACT_32BITS(tmp)); +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, (p->tcp_options[i].data) + 4, 4); + fprintf(fp, "%u ", EXTRACT_32BITS(tmp)); + break; + + case TCPOPT_CC: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "CC %u ", EXTRACT_32BITS(tmp)); + break; + + case TCPOPT_CCNEW: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "CCNEW: %u ", EXTRACT_32BITS(tmp)); + break; + + case TCPOPT_CCECHO: +- bzero((char *) tmp, 5); ++ memset((char *) tmp, 0, 5); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); + fprintf(fp, "CCECHO: %u ", EXTRACT_32BITS(tmp)); +@@ -1944,7 +1944,7 @@ void PrintEapolPkt(FILE * fp, Packet * p + char timestamp[TIMEBUF_SIZE]; + + +- bzero((char *) timestamp, TIMEBUF_SIZE); ++ memset((char *) timestamp, 0, TIMEBUF_SIZE); + ts_print((struct timeval *) & p->pkth->ts, timestamp); + + /* dump the timestamp */ +@@ -2118,7 +2118,7 @@ void PrintWifiPkt(FILE * fp, Packet * p) + char timestamp[TIMEBUF_SIZE]; + + +- bzero((char *) timestamp, TIMEBUF_SIZE); ++ memset((char *) timestamp, 0, TIMEBUF_SIZE); + ts_print((struct timeval *) & p->pkth->ts, timestamp); + + /* dump the timestamp */ diff --git a/package/snort/patches/patch-src_log_c.o |