aboutsummaryrefslogtreecommitdiff
path: root/slirp/sbuf.h
AgeCommit message (Collapse)Author
2021-08-03Update libslirp to v4.6.1Marc-André Lureau
Switch from stable-4.2 branch to upstream v4.6.1 release + fixes. ## [Unreleased] ### Fixed - Haiku fixes. !98 !99 - Fix a minor DHCP regression introduced in 4.6.0. !97 ## [4.6.1] - 2021-06-18 ### Fixed - Fix DHCP regression introduced in 4.6.0. !95 ## [4.6.0] - 2021-06-14 ### Added - mbuf: Add debugging helpers for allocation. !90 ### Changed - Revert "Set macOS deployment target to macOS 10.4". !93 ### Fixed - mtod()-related buffer overflows (CVE-2021-3592 #44, CVE-2021-3593 #45, CVE-2021-3594 #47, CVE-2021-3595 #46). - poll_fd: add missing fd registration for UDP and ICMP - ncsi: make ncsi_calculate_checksum work with unaligned data. !89 - Various typos and doc fixes. !88 ## [4.5.0] - 2021-05-18 ### Added - IPv6 forwarding. !62 !75 !77 - slirp_neighbor_info() to dump the ARP/NDP tables. !71 ### Changed - Lazy guest address resolution for IPv6. !81 - Improve signal handling when spawning a child. !61 - Set macOS deployment target to macOS 10.4. !72 - slirp_add_hostfwd: Ensure all error paths set errno. !80 - More API documentation. ### Fixed - Assertion failure on unspecified IPv6 address. !86 - Disable polling for PRI on MacOS, fixing some closing streams issues. !73 - Various memory leak fixes on fastq/batchq. !68 - Memory leak on IPv6 fast-send. !67 - Slow socket response on Windows. !64 - Misc build and code cleanups. !60 !63 !76 !79 !84 ## [4.4.0] - 2020-12-02 ### Added - udp, udp6, icmp: handle TTL value. !48 - Enable forwarding ICMP errors. !49 - Add DNS resolving for iOS. !54 ### Changed - Improve meson subproject() support. !53 - Removed Makefile-based build system. !56 ### Fixed - socket: consume empty packets. !55 - check pkt_len before reading protocol header (CVE-2020-29129). !57 - ip_stripoptions use memmove (fixes undefined behaviour). !47 - various Coverity-related changes/fixes. ## [4.3.1] - 2020-07-08 ### Changed - A silent truncation could occur in `slirp_fmt()`, which will now print a critical message. See also #22. ### Fixed - CVE-2020-10756 - Drop bogus IPv6 messages that could lead to data leakage. See !44 and !42. - Fix win32 builds by using the SLIRP_PACKED definition. - Various coverity scan errors fixed. !41 - Fix new GCC warnings. !43 ## [4.3.0] - 2020-04-22 ### Added - `SLIRP_VERSION_STRING` macro, with the git sha suffix when building from git - `SlirpConfig.disable_dns`, to disable DNS redirection #16 ### Changed - `slirp_version_string()` now has the git sha suffix when building form git - Limit DNS redirection to port 53 #16 ### Fixed - Fix build regression with mingw & NetBSD - Fix use-afte-free in `ip_reass()` (CVE-2020-1983) Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Doug Evans <dje@google.com>
2020-11-27slirp: update to fix CVE-2020-29129 CVE-2020-29130Marc-André Lureau
An out-of-bounds access issue was found in the SLIRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to potentially leak host information bytes. Marc-André Lureau (1): Merge branch 'stable-4.2' into 'stable-4.2' Prasad J Pandit (1): slirp: check pkt_len before reading protocol header Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28slirp: update to latest stable-4.2 branchMarc-André Lureau
Dr. David Alan Gilbert (1): ip_stripoptions use memmove Jindrich Novy (4): Fix possible infinite loops and use-after-free Use secure string copy to avoid overflow Be sure to initialize sockaddr structure Check lseek() for failure Marc-André Lureau (2): util: do not silently truncate Merge branch 'stable-4.2' into 'stable-4.2' Philippe Mathieu-Daudé (3): Fix win32 builds by using the SLIRP_PACKED definition Fix constness warnings Remove unnecessary break Ralf Haferkamp (2): Drop bogus IPv6 messages Fix MTU check Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-04-21slirp: update to fix CVE-2020-1983Marc-André Lureau
This is an update on the stable-4.2 branch of libslirp.git: git shortlog 55ab21c9a3..2faae0f778f81 Marc-André Lureau (1): Fix use-afte-free in ip_reass() (CVE-2020-1983) CVE-2020-1983 is actually a follow up fix for commit 126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in ip_reass on big packet input") which was was included in qemu v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update with CVE-2019-14378 fix"). Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20200421170227.843555-1-marcandre.lureau@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-03-22slirp: update submodule to v4.2.0+Marc-André Lureau
git shortlog 126c04acbabd7ad32c2b018fe10dfac2a3bc1210..55ab21c9a36852915b81f1b41ebaf3b6509dd8ba 5eraph (1): Use specific outbound IP address Akihiro Suda (8): remove confusing comment that exists from ancient slirp add slirp_new(SlirpConfig *, SlirpCb *, void *) allow custom MTU add disable_host_loopback (prohibit connections to 127.0.0.1) add SlirpConfig version emu: remove dead code emu: disable by default fix a typo in a comment Anders Waldenborg (1): state: fix loading of guestfwd state Giuseppe Scrivano (1): socket: avoid getpeername after shutdown(SHUT_WR) Jindrich Novy (1): Don't leak memory when reallocation fails. Jordi Pujol Palomer (1): fork_exec: correctly parse command lines that contain spaces Marc-André Lureau (60): Merge branch 'AkihiroSuda/libslirp-slirp4netns' Merge branch 'fix-typo' into 'master' meson: make it subproject friendly Merge branch 'meson' into 'master' misc: fix compilation warnings Merge branch 'fix-shutdown-wr' into 'master' sbuf: remove unused and undefined sbcopy() path sbuf: check more strictly sbcopy() bounds with offset sbuf: replace a comment with a runtime warning Replace remaining malloc/free user with glib tcp_attach() can no longer fail state: can't ENOMEM sbuf: use unsigned types sbuf: simplify sbreserve() dnssearch: use g_strv_length() vmstate: silence scan-build warning gitlab-ci: run scan-build Merge branch 'mem-cleanups' into 'master' libslirp.map: bind slirp_new to SLIRP_4.1 version meson: fix libtool versioning Release v4.1.0 Merge branch '4.1.0' into 'master' CHANGELOG: start unreleased section Merge branch 'add-unix' into 'master' util: add G_SIZEOF_MEMBER() macro Check bootp_filename is not going to be truncated bootp: remove extra cast bootp: replace simple snprintf() with strcpy() tftp: clarify what is actually OACK m_len tcp_emu: add more fixme/warnings comments util: add slirp_fmt() helpers dhcpv6: use slirp_fmt() misc: use slirp_fmt0() tftp: use slirp_fmt0() tcp_ctl: use slirp_fmt() tcp_emu: fix unsafe snprintf() usages misc: improve error report Use g_snprintf() util: add gnuc format function attribute to slirp_fmt* Merge branch 'aw-guestfwd-state' into 'master' Merge branch 'slirp-fmt' into 'master' socket: remove extra label and variable socket: factor out sotranslate ipv4/ipv6 handling socket: remove need for extra scope_id variable socket: do not fallback on host loopback if get_dns_addr() failed socket: do not fallback on loopback addr for addresses in our mask/prefix Prepare for v4.2.0 release Merge branch 'translate-fix' into 'master' Merge branch 'release-v4.2.0' into 'master' changelog: post-release changelog: fix link .gitlab-ci: add --werror, treat CI build warnings as errors Revert "socket: remove need for extra scope_id variable" Teach slirp_version_string() to return vcs version Merge branch 'mingw-fix' into 'master' Merge branch 'vcs-version' into 'master' meson: bump required version to 0.49 build-sys: fix NetBSD build regression Merge branch 'netbsd-fix' into 'master' build-sys: make libslirp-version.h depend on Makefile PanNengyuan (1): libslirp: fix NULL pointer dereference in tcp_sockclosed Philippe Mathieu-Daudé (1): Add a git-publish configuration file Prasad J Pandit (4): slirp: ncsi: compute checksum for valid data length slirp: use correct size while emulating IRC commands slirp: use correct size while emulating commands slirp: tftp: restrict relative path access Renzo Davoli (2): Add slirp_remove_guestfwd() Add slirp_add_unix() Samuel Thibault (14): ip_reass: explain why we should not always update the q pointer Merge branch 'comment' into 'master' Merge branch 'no-emu' into 'master' Fix bogus indent, no source change ip_reass: Fix use after free Merge branch 'reass2' into 'master' Make host receive broadcast packets arp: Allow 0.0.0.0 destination address Merge branch 'warnings' into 'master' Merge branch 'arp_0' into 'master' Merge branch 'broadcast' into 'master' tcp_emu: Fix oob access Merge branch 'oob' into 'master' Merge branch 'master' into 'master' Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-08-02slirp: update with CVE-2019-14378 fixMarc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2019-05-09Update upstream slirpSamuel Thibault
Adds gitignore, README file, and fixes ident protocol parsing. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-05-04Update slirp submoduleSamuel Thibault
To fix Windows on ARM.
2019-05-03build-sys: move slirp as git submodule projectMarc-André Lureau
The slirp project is now hosted on freedesktop at: https://gitlab.freedesktop.org/slirp. The libslirp source was extracted from qemu/slirp filtered through clang-format (available in project tree). The qemu slirp directory can be swapped by a git submodule. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20190424110041.8175-3-marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-03-07slirp: move sources to src/ subdirectoryMarc-André Lureau
Prepare for making slirp/ a standalone project. Remove some useless includes while at it. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20190212162524.31504-5-marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-02-07slirp: replace qemu_notify_event() with a callbackMarc-André Lureau
Introduce a SlirpCb callback to kick the main io-thread. Add an intermediary sodrop() function that will call SlirpCb.notify callback when sbdrop() returns true. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-01-14slirp: remove unused sbflush()Marc-André Lureau
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2017-04-29slirp: VMStatify sbufDr. David Alan Gilbert
Convert the sbuf structure to a VMStateDescription. Note this uses the VMSTATE_WITH_TMP mechanism to calculate and reload the offsets based on the pointers. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2016-07-12Clean up ill-advised or unusual header guardsMarkus Armbruster
Cleaned up with scripts/clean-header-guards.pl. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
2009-07-01Fix breakage by obsolete _P() for goodBlue Swirl
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2007-10-26 Use const and static as needed, disable unused codeblueswir1
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3452 c046a42c-6fe2-441c-8c8c-71466251a162
2007-09-16find -type f | xargs sed -i 's/[\t ]$//g' # on most filesths
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3173 c046a42c-6fe2-441c-8c8c-71466251a162
2004-04-22initial user mode network supportbellard
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@733 c046a42c-6fe2-441c-8c8c-71466251a162