author | Tavis Ormandy <taviso@gentoo.org> | 2003-04-22 12:18:35 +0000 |
---|---|---|
committer | Tavis Ormandy <taviso@gentoo.org> | 2003-04-22 12:18:35 +0000 |
commit | 735f3c888503827fc56441b2ed39d2757363c073 (patch) | |
tree | f09fe2e259129471d3b045eb2ed2c3ae325b1d08 /net-analyzer/snort | |
parent | updated digest and corrected ebuild (diff) | |
Snort 2.0.0 is broken on Alpha, removing alpha keyword.
Backporting the integer overflow fix from the GLSA to 1.9.1 while snort 2.0.0 is being fixed.
Version bump.
Diffstat (limited to 'net-analyzer/snort')
-rw-r--r-- | net-analyzer/snort/ChangeLog | 9 | ||||
-rw-r--r-- | net-analyzer/snort/files/digest-snort-1.9.1-r2 | 1 | ||||
-rw-r--r-- | net-analyzer/snort/files/snort-1.9.1-alpha-core_vuln.diff | 319 | ||||
-rw-r--r-- | net-analyzer/snort/snort-1.9.1-r2.ebuild | 107 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.0.0.ebuild | 4 |
5 files changed, 437 insertions, 3 deletions
diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog
index 862ac2c86449..6ec0884ac9d0 100644
--- a/net-analyzer/snort/ChangeLog
+++ b/net-analyzer/snort/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-analyzer/snort
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.14 2003/04/22 06:55:44 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.15 2003/04/22 12:18:35 taviso Exp $
+
+*snort-1.9.1-r2 (22 Apr 2003)
+
+ 22 Apr 2003; Tavis Ormandy <taviso@gentoo.org> snort-1.9.1-r2.ebuild,
+ snort-2.0.0.ebuild, files/snort-1.9.1-alpha-core_vuln.diff:
+ snort 2.0.0 is broken on Alpha, backporting the integer overflow fix to snort
+ 1.9.1 while its being fixed, and bumping version
 
 22 Apr 2003; Daniel Ahlberg <aliz@gentoo.org> snort-2.0.0.ebuild files/snort.confd : Closing #11643. Unmasking becuse of GLSA.
diff --git a/net-analyzer/snort/files/digest-snort-1.9.1-r2 b/net-analyzer/snort/files/digest-snort-1.9.1-r2
new file mode 100644
index 000000000000..33016cb62406
--- /dev/null
+++ b/net-analyzer/snort/files/digest-snort-1.9.1-r2
@@ -0,0 +1 @@
+MD5 50bb526b41f48fb7689bb8342b27e44d snort-1.9.1.tar.gz 146615
diff --git a/net-analyzer/snort/files/snort-1.9.1-alpha-core_vuln.diff b/net-analyzer/snort/files/snort-1.9.1-alpha-core_vuln.diff
new file mode 100644
index 000000000000..2fbc280a3195
--- /dev/null
+++ b/net-analyzer/snort/files/snort-1.9.1-alpha-core_vuln.diff
@@ -0,0 +1,319 @@
+diff -ruN snort-1.9.1-orig/src/bounds.h snort-1.9.1/src/bounds.h
+--- snort-1.9.1-orig/src/bounds.h 1970-01-01 01:00:00.000000000 +0100
++++ snort-1.9.1/src/bounds.h 2003-04-22 12:55:32.000000000 +0100
+@@ -0,0 +1,127 @@
++#ifndef _BOUNDS_H
++#define _BOUNDS_H
++/*
++** Copyright (C) 2003, Sourcefire, Inc.
++** Chris Green <cmg@sourcefire.com>
++**
++** This program is free software; you can redistribute it and/or modify
++** it under the terms of the GNU General Public License as published by
++** the Free Software Foundation; either version 2 of the License, or
++** (at your option) any later version.
++**
++** This program is distributed in the hope that it will be useful,
++** but WITHOUT ANY WARRANTY; without even the implied warranty of
++** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++** GNU General Public License for more details.
++**
++** You should have received a copy of the GNU General Public License
++** along with this program; if not, write to the Free Software
++** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++**
++*/
++
++
++#ifdef HAVE_CONFIG_H
++#include "config.h"
++#endif
++
++#include "snort.h"
++
++#include <string.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <assert.h>
++#include <unistd.h>
++
++/* This INLINE is conflicting with the INLINE defined in bitop.h.
++ * So, let's just add a little sanity check here.
++ */
++#ifndef DEBUG
++ #ifndef INLINE
++ #define INLINE inline
++ #endif
++ #define ERRORRET return 0;
++#else
++ #ifdef INLINE
++ #undef INLINE
++ #endif
++ #define INLINE
++ #define ERRORRET assert(0==1)
++#endif /* DEBUG */
++
++/*
++ * Check to make sure that p is less than or equal to the ptr range
++ * pointers
++ *
++ * 1 means it's in bounds, 0 means it's not
++ */
++static INLINE int inBounds(u_int8_t *start, u_int8_t *end, u_int8_t *p)
++{
++ if(p >= start && p < end)
++ {
++ return 1;
++ }
++
++ return 0;
++}
++
++/**
++ * A Safer Memcpy
++ *
++ * @param dst where to copy to
++ * @param src where to copy from
++ * @param n number of bytes to copy
++ * @param start start of the dest buffer
++ * @param end end of the dst buffer
++ *
++ * @return 0 on failure, 1 on success
++ */
++static INLINE int SafeMemcpy(void *dst, void *src, size_t n, void *start, void *end)
++{
++ if(n < 1)
++ {
++ ERRORRET;
++ }
++
++ if(!inBounds(start,end, dst) || !inBounds(start,end,((u_int8_t*)dst)+n))
++ {
++ ERRORRET;
++ }
++
++ memcpy(dst, src, n);
++ return 1;
++}
++
++/**
++ * A Safer *a = *b
++ *
++ * @param start start of the dst buffer
++ * @param end end of the dst buffer
++ * @param dst the location to write to
++ * @param src the source to read from
++ *
++ * @return 0 on failure, 1 on success
++ */
++static INLINE int SafeWrite(u_int8_t *start, u_int8_t *end, u_int8_t *dst, u_int8_t *src)
++{
++ if(!inBounds(start, end, dst))
++ {
++ ERRORRET;
++ }
++
++ *dst = *src;
++ return 1;
++}
++
++static inline int SafeRead(u_int8_t *start, u_int8_t *end, u_int8_t *src, u_int8_t *read)
++{
++ if(!inBounds(start,end, src))
++ {
++ ERRORRET;
++ }
++
++ *read = *start;
++ return 1;
++}
++
++#endif /* _BOUNDS_H */
+diff -ruN snort-1.9.1-orig/src/decode.h snort-1.9.1/src/decode.h
+--- snort-1.9.1-orig/src/decode.h 2003-02-14 19:32:26.000000000 +0000
++++ snort-1.9.1/src/decode.h 2003-04-22 12:55:32.000000000 +0100
+@@ -165,6 +165,10 @@
+ #define UDP_HEADER_LEN 8
+ #define ICMP_HEADER_LEN 4
+ 
++#ifndef IP_MAXPACKET
++#define IP_MAXPACKET 65535 /* maximum packet size */
++#endif /* IP_MAXPACKET */
++
+ #define TH_FIN 0x01
+ #define TH_SYN 0x02
+ #define TH_RST 0x04
+diff -ruN snort-1.9.1-orig/src/preprocessors/spp_http_decode.c snort-1.9.1/src/preprocessors/spp_http_decode.c
+--- snort-1.9.1-orig/src/preprocessors/spp_http_decode.c 2003-02-23 22:46:04.000000000 +0000
++++ snort-1.9.1/src/preprocessors/spp_http_decode.c 2003-04-22 12:59:45.000000000 +0100
+@@ -444,11 +444,11 @@
+ psize = (u_int16_t) (p->dsize);
+ 
+ /* first skip past the HTTP method */
+- while(index < end && !lookup_whitespace[(u_int)(*index)])
++ while(index < end && !lookup_whitespace[(u_char)(*index)])
+ index++;
+ 
+ /* skip over whitespace seperator */
+- while(index < end && lookup_whitespace[(u_int)(*index)])
++ while(index < end && lookup_whitespace[(u_char)(*index)])
+ index++;
+ 
+ /* evilness check */
+@@ -562,8 +562,8 @@
+ "Double hex encoding received\n"););
+ }
+ 
+- hex1=lookup_hexvalue[(u_int)(*(index+1))];
+- hex2=lookup_hexvalue[(u_int)(*(index+2))];
++ hex1=lookup_hexvalue[(u_char)(*(index+1))];
++ hex2=lookup_hexvalue[(u_char)(*(index+2))];
+ 
+ if(hex1 != -1 && hex2 != -1)
+ {
+@@ -612,7 +612,7 @@
+ }
+ 
+ }
+- else if(lookup_whitespace[(u_int)(*index)])
++ else if(lookup_whitespace[(u_char)(*index)])
+ {
+ /* we've reached the delimiting whitespace */
+ /* UriBufs[0].http_version = (u_int8_t *) index; */
+@@ -629,7 +629,7 @@
+ while(index < end &&
+ ((cur - (char *) UriBufs[0].uri) < URI_LENGTH))
+ {
+- if(lookup_whitespace[(u_int)(*index)])
++ if(lookup_whitespace[(u_char)(*index)])
+ {
+ /* we've reached the delimiting whitespace */
+ /* Time to get HTTP version? */
+diff -ruN snort-1.9.1-orig/src/preprocessors/spp_stream4.c snort-1.9.1/src/preprocessors/spp_stream4.c
+--- snort-1.9.1-orig/src/preprocessors/spp_stream4.c 2003-02-14 19:32:27.000000000 +0000
++++ snort-1.9.1/src/preprocessors/spp_stream4.c 2003-04-22 12:58:44.000000000 +0100
+@@ -37,6 +37,17 @@
+ #include "config.h"
+ #endif
+ 
++#ifndef DEBUG
++ #ifndef INLINE
++ #define INLINE inline
++ #endif
++#else
++ #ifdef INLINE
++ #undef INLINE
++ #endif
++ #define INLINE···
++#endif /* DEBUG */
++
+ #include <sys/types.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -65,6 +76,7 @@
+ #include "generators.h"
+ #include "detect.h"
+ #include "perf.h"
++#include "bounds.h"
+ 
+ #include "ubi_SplayTree.h"
+ 
+@@ -143,6 +155,8 @@
+ #define SPARC_TWIDDLE 0
+ #endif
+ 
++#define MAX_STREAM_SIZE (IP_MAXPACKET - IP_HEADER_LEN - TCP_HEADER_LEN)
++
+ /* random array of flush points */
+ 
+ #define FCOUNT 64
+@@ -325,6 +339,7 @@
+ void WriteSsnStats(BinStats *);
+ void OpenStatsFile();
+ static int RetransTooFast(struct timeval *a, struct timeval *b);
++static INLINE int isBetween(u_int32_t low, u_int32_t high, u_int32_t cur);
+ 
+ /*
+ Here is where we separate which functions will be called in the
+@@ -340,6 +355,10 @@
+ static void TcpActionAsync(Session *ssn, Packet *p, int action, int direction,
+ u_int32_t pkt_seq, u_int32_t pkt_ack);
+ 
++static INLINE int isBetween(u_int32_t low, u_int32_t high, u_int32_t cur)
++{
++ return (cur - low) <= (high - low);
++}
+ 
+ 
+ 
+@@ -462,7 +481,7 @@
+ /* don't reassemble if we're before the start sequence number or
+ * after the last ack'd byte
+ */
+- if(spd->seq_num < s->base_seq || spd->seq_num > s->last_ack) {
++ if(!isBetween(s->base_seq, s->last_ack, spd->seq_num)) {
+ DEBUG_WRAP(DebugMessage(DEBUG_STREAM,
+ "not reassembling because"
+ " we're (%u) before isn(%u) or after last_ack(%u)\n",
+@@ -471,8 +490,8 @@
+ }
+ 
+ /* if it's in bounds... */
+- if(spd->seq_num >= s->base_seq && spd->seq_num >= s->next_seq &&
+- (spd->seq_num+spd->payload_size) <= s->last_ack)
++ if(isBetween(s->base_seq, s->last_ack, spd->seq_num) &&
++ isBetween(s->base_seq, s->last_ack, (spd->seq_num+spd->payload_size)))
+ {
+ offset = spd->seq_num - s->base_seq;
+ 
+@@ -487,16 +506,16 @@
+ spd->seq_num, s->last_ack, s->base_seq,
+ spd->payload_size, s->next_seq, offset));
+ 
+- memcpy(buf+offset, spd->payload, spd->payload_size);
++ SafeMemcpy(buf+offset, spd->payload, spd->payload_size,
++ stream_pkt->data, stream_pkt->data + MAX_STREAM_SIZE);
+ 
+ pc.rebuilt_segs++;
+ 
+ spd->chuck = 1;
+ bd->total_size += spd->payload_size;
+ }
+- else if(spd->seq_num >= s->base_seq &&
+- spd->seq_num < s->last_ack &&
+- spd->seq_num + spd->payload_size > s->last_ack)
++ else if(isBetween(s->base_seq, s->last_ack, spd->seq_num) &&
++ ((spd->seq_num + spd->payload_size) > s->last_ack))
+ {
+ /*
+ * if it starts in bounds and hasn't been completely ack'd,
+@@ -518,7 +537,8 @@
+ DEBUG_WRAP(DebugMessage(DEBUG_STREAM, "Copying %d bytes into buffer, "
+ "offset %d, buf %p\n", trunc_size, offset,
+ buf););
+- memcpy(buf+offset, spd->payload, trunc_size);
++ SafeMemcpy(buf+offset, spd->payload, trunc_size,
++ stream_pkt->data, stream_pkt->data + MAX_STREAM_SIZE);
+ pc.rebuilt_segs++;
+ bd->total_size += trunc_size;
+ }
+@@ -530,8 +550,7 @@
+ 
+ spd->chuck = 1;
+ }
+- else if(spd->seq_num < s->base_seq &&
+- spd->seq_num+spd->payload_size > s->base_seq)
++ else if(isBetween(s->base_seq, s->last_ack, (spd->seq_num+spd->payload_size)))
+ {
+ /* case where we've got a segment that wasn't completely ack'd
+ * last time it was processed, do a partial copy into the buffer
+@@ -550,7 +569,8 @@
+ DEBUG_WRAP(DebugMessage(DEBUG_STREAM, "Copying %d bytes into buffer, "
+ "offset %d, buf %p\n", trunc_size, offset,
+ buf););
+- memcpy(buf, spd->payload+offset, trunc_size);
++ SafeMemcpy(buf, spd->payload+offset, trunc_size,
++ stream_pkt->data, stream_pkt->data + MAX_STREAM_SIZE);
+ pc.rebuilt_segs++;
+ bd->total_size += trunc_size;
+ }
diff --git a/net-analyzer/snort/snort-1.9.1-r2.ebuild b/net-analyzer/snort/snort-1.9.1-r2.ebuild
new file mode 100644
index 000000000000..874968b8c682
--- /dev/null
+++ b/net-analyzer/snort/snort-1.9.1-r2.ebuild
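Review bot: `SafeRead` in bounds.h stores the wrong byte: `*read = *start;` copies the first byte of the buffer instead of the bounds-checked source, so it should read `*read = *src;` (no caller appears in this patch, so the defect is latent for now). It is also declared `static inline` rather than `static INLINE` like the other three helpers, so the DEBUG build's empty `#define INLINE` does not apply to it. At the three `SafeMemcpy` call sites in spp_stream4.c the return value is discarded, so when the copy is refused in a non-DEBUG build (`ERRORRET` is `return 0;`) the following `pc.rebuilt_segs++` and `bd->total_size += …` still run and the recorded stream size no longer matches what was actually written into `stream_pkt->data`; each call should be guarded, e.g. `if(!SafeMemcpy(buf+offset, spd->payload, spd->payload_size, stream_pkt->data, stream_pkt->data + MAX_STREAM_SIZE)) { /* skip accounting */ }` — the enclosing function starts and ends outside these hunks. Note too that `inBounds` tests `p < end`, so `SafeMemcpy` rejects a copy that ends exactly at `end`; that errs on the safe side but silently drops the final byte of the stream buffer. The rewritten third `else if` also no longer requires `spd->seq_num < s->base_seq`, so that partial-copy branch can now be entered for segments starting inside the window; whether the `offset` computed just outside the hunk tolerates that is not visible here.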
@@ -0,0 +1,107 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-1.9.1-r2.ebuild,v 1.1 2003/04/22 12:18:35 taviso Exp $
+
+inherit eutils
+
+IUSE="ssl postgres mysql snmp"
+S=${WORKDIR}/${P}
+DESCRIPTION="Libpcap-based packet sniffer/logger/lightweight IDS"
+SRC_URI="http://www.snort.org/dl/${P}.tar.gz"
+HOMEPAGE="http://www.snort.org"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="alpha"
+
+DEPEND="virtual/glibc
+ >=net-libs/libpcap-0.6.2-r1
+ ~net-libs/libnet-1.0.2a
+ postgres? ( >=dev-db/postgresql-7.2 )
+ mysql? ( >=dev-db/mysql-3.23.26 )
+ ssl? ( >=dev-libs/openssl-0.9.6b )
+ snmp? ( >=net-analyzer/net-snmp-5.0 )"
+
+RDEPEND="virtual/glibc
+ dev-lang/perl
+ >=net-libs/libpcap-0.6.2-r1
+ postgres? ( >=dev-db/postgresql-7.2 )
+ mysql? ( >=dev-db/mysql-3.23.26 )
+ ssl? ( >=dev-libs/openssl-0.9.6b )"
+
+src_unpack() {
+ unpack ${A}
+
+ cd ${S}
+ epatch ${FILESDIR}/${P}-configure.patch
+
+ # Fixes for alpha, and GLSA 200304-05
+ use alpha && epatch ${FILESDIR}/${P}-alpha-core_vuln.diff
+}
+
+src_compile() {
+
+ local myconf
+
+ use postgres && myconf="${myconf} --with-postgresql" \
+ || myconf="${myconf} --without-postgresql"
+ use mysql && myconf="${myconf} --with-mysql" \
+ || myconf="${myconf} --without-mysql"
+ use ssl && myconf="${myconf} --with-openssl" \
+ || myconf="${myconf} --without-openssl"
+ use snmp && myconf="${myconf} --with-snmp" \
+ || myconf="${myconf} --without-snmp"
+
+
+ ./configure \
+ --prefix=/usr \
+ --without-odbc \
+ --without-oracle \
+ --enable-pthreads \
+ --enable-flexresp \
+ --enable-smbalerts \
+ --mandir=/usr/share/man \
+ --host=${CHOST} ${myconf} || die "bad ./configure"
+
+ emake || die "compile problem"
+}
+
+src_install () {
+
+ make DESTDIR=${D} install || die
+
+ dodir /var/log/snort
+ touch ${D}/var/log/snort/.keep
+
+ insinto /usr/lib/snort/bin
+ doins contrib/{create_mysql,snortlog,*.pl}
+
+ dodoc COPYING LICENSE doc/*
+ docinto contrib ; dodoc contrib/*
+
+ insinto /etc/snort
+ doins etc/classification.config rules/*.rules
+ newins etc/snort.conf snort.conf.distrib
+
+ exeinto /etc/init.d ; newexe ${FILESDIR}/snort.rc6 snort
+ insinto /etc/conf.d ; newins ${FILESDIR}/snort.confd snort
+}
+
+pkg_postinst() {
+
+ if ! grep -q ^snort: /etc/group ; then
+ groupadd snort || die "problem adding group snort"
+ fi
+ if ! grep -q ^snort: /etc/passwd ; then
+ useradd -g snort -s /dev/null -d /var/log/snort -c "snort" snort
+ assert "problem adding user snort"
+ fi
+ usermod -c "snort" snort || die "usermod problem"
+ usermod -d "/var/log/snort" snort || die "usermod problem"
+ usermod -g "snort" snort || die "usermod problem"
+ usermod -s "/dev/null" snort || die "usermod problem"
+ echo "ignore any message about CREATE_HOME above..."
+
+ chown snort.snort /var/log/snort
+ chmod 0770 /var/log/snort
+}
diff --git a/net-analyzer/snort/snort-2.0.0.ebuild b/net-analyzer/snort/snort-2.0.0.ebuild
index d07e18e5969a..0689aae460e2 100644
--- a/net-analyzer/snort/snort-2.0.0.ebuild
+++ b/net-analyzer/snort/snort-2.0.0.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.0.0.ebuild,v 1.2 2003/04/22 06:55:44 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.0.0.ebuild,v 1.3 2003/04/22 12:18:35 taviso Exp $
 
 inherit eutils
 
@@ -12,7 +12,7 @@ HOMEPAGE="http://www.snort.org"
 
 SLOT="0"
 LICENSE="GPL-2"
-KEYWORDS="x86 sparc alpha"
+KEYWORDS="x86 sparc ~alpha"
 
 DEPEND="virtual/glibc
 >=net-libs/libpcap-0.6.2-r1 |
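Review bot: In `src_unpack` the GLSA fix is applied only behind `use alpha && epatch ${FILESDIR}/${P}-alpha-core_vuln.diff`, yet nothing visible in that patch is Alpha-specific — the `isBetween`/`SafeMemcpy` bounds checks in spp_stream4.c, the `IP_MAXPACKET` cap and the `(u_char)` table indexing in spp_http_decode.c address the overflow on every architecture. With `KEYWORDS="alpha"` the guard is redundant today, but the moment this revision is keyworded for another arch the security fix silently stops being applied; apply it unconditionally with `epatch ${FILESDIR}/${P}-alpha-core_vuln.diff` and reword the comment to say it is the GLSA 200304-05 fix. Separately, `pkg_postinst` checks the `useradd` result with `assert "problem adding user snort"` while every neighbouring command uses `|| die`; `useradd -g snort -s /dev/null -d /var/log/snort -c "snort" snort || die "problem adding user snort"` keeps the error handling uniform.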