.gitlab-ci.yml

@@ -4,21 +4,22 @@ variables:
   DEPS: meson ninja-build make
         gcc pkg-config glib2-devel
         mingw64-gcc mingw64-pkg-config mingw64-glib2
-        clang-analyzer
+        clang-analyzer git-core
 
 before_script:
   - dnf install -y $DEPS
+  - git describe
 
 build:
   script:
-    - meson build || (cat build/meson-logs/meson-log.txt && exit 1)
+    - meson --werror build || (cat build/meson-logs/meson-log.txt && exit 1)
     - ninja -C build
     - (cd build && meson test) || (cat build/meson-logs/testlog.txt && exit 1)
     - ninja -C build scan-build
 
 build-mingw64:
   script:
-    - (mkdir buildw && cd buildw && mingw64-meson) || (cat buildw/meson-logs/meson-log.txt && exit 1)
+    - (mkdir buildw && cd buildw && mingw64-meson --werror) || (cat buildw/meson-logs/meson-log.txt && exit 1)
     - ninja -C buildw
 
 build-qemu:

CHANGELOG.md

@@ -5,19 +5,36 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [v4.2.0] - 2020-03-17
+## [4.3.0] - 2020-04-22
+
+### Added
+
+ - `SLIRP_VERSION_STRING` macro, with the git sha suffix when building from git
+ - `SlirpConfig.disable_dns`, to disable DNS redirection #16
+
+### Changed
+
+ - `slirp_version_string()` now has the git sha suffix when building form git
+ - Limit DNS redirection to port 53 #16
+
+### Fixed
+
+ - Fix build regression with mingw & NetBSD
+ - Fix use-afte-free in `ip_reass()` (CVE-2020-1983)
+
+## [4.2.0] - 2020-03-17
 
 ### Added
 
  - New API function `slirp_add_unix`: add a forward rule to a Unix socket.
  - New API function `slirp_remove_guestfwd`: remove a forward rule previously
    added by `slirp_add_exec`, `slirp_add_unix` or `slirp_add_guestfwd`
- - New SlirpConfig.outbound_addr{,6} fields to bind output socket to a
+ - New `SlirpConfig.outbound_addr{,6}` fields to bind output socket to a
    specific address
 
 ### Changed
 
- - socket: do not fallback on host loopback if get_dns_addr() failed
+ - socket: do not fallback on host loopback if `get_dns_addr()` failed
    or the address is in slirp network
 
 ### Fixed
@@ -72,7 +89,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
  - Standalone project, removing any QEMU dependency.
  - License clarifications.
 
-[unreleased]: https://gitlab.freedesktop.org/slirp/libslirp/compare/v4.1.0...master
+[4.3.0]: https://gitlab.freedesktop.org/slirp/libslirp/compare/v4.2.0...v4.3.0
 [4.2.0]: https://gitlab.freedesktop.org/slirp/libslirp/compare/v4.1.0...v4.2.0
 [4.1.0]: https://gitlab.freedesktop.org/slirp/libslirp/compare/v4.0.0...v4.1.0
 [4.0.0]: https://gitlab.freedesktop.org/slirp/libslirp/commits/v4.0.0

Makefile

@@ -3,8 +3,9 @@ BUILD_DIR ?= .
 
 LIBSLIRP = $(BUILD_DIR)/libslirp.a
 SLIRP_MAJOR_VERSION = 4
-SLIRP_MINOR_VERSION = 2
+SLIRP_MINOR_VERSION = 3
 SLIRP_MICRO_VERSION = 0
+SLIRP_VERSION_STRING = "$(SLIRP_MAJOR_VERSION).$(SLIRP_MINOR_VERSION).$(SLIRP_MICRO_VERSION)-git"
 
 all: $(LIBSLIRP)
 
@@ -22,12 +23,13 @@ override CFLAGS +=					\
 	-MMD -MP
 override LDFLAGS += $(shell $(PKG_CONFIG) --libs glib-2.0)
 
-$(BUILD_DIR)/src/libslirp-version.h:
+$(BUILD_DIR)/src/libslirp-version.h: Makefile
 	@$(MKDIR_P) $(dir $@)
 	$(call quiet-command,cat $(ROOT_DIR)/src/libslirp-version.h.in | \
 		sed 's/@SLIRP_MAJOR_VERSION@/$(SLIRP_MAJOR_VERSION)/' | \
 		sed 's/@SLIRP_MINOR_VERSION@/$(SLIRP_MINOR_VERSION)/' | \
-		sed 's/@SLIRP_MICRO_VERSION@/$(SLIRP_MICRO_VERSION)/' \
+		sed 's/@SLIRP_MICRO_VERSION@/$(SLIRP_MICRO_VERSION)/' | \
+		sed 's/@SLIRP_VERSION_STRING@/$(SLIRP_VERSION_STRING)/' \
 	> $@,"GEN","$@")
 
 $(OBJS): $(BUILD_DIR)/src/libslirp-version.h

build-aux/git-version-gen

+#!/bin/sh
+# Print a version string.
+scriptversion=2010-06-14.19; # UTC
+
+# Copyright (C) 2007-2010 Free Software Foundation, Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# This script is derived from GIT-VERSION-GEN from GIT: http://git.or.cz/.
+# It may be run two ways:
+# - from a git repository in which the "git describe" command below
+#   produces useful output (thus requiring at least one signed tag)
+# - from a non-git-repo directory containing a .tarball-version file, which
+#   presumes this script is invoked like "./git-version-gen .tarball-version".
+
+# In order to use intra-version strings in your project, you will need two
+# separate generated version string files:
+#
+# .tarball-version - present only in a distribution tarball, and not in
+#   a checked-out repository.  Created with contents that were learned at
+#   the last time autoconf was run, and used by git-version-gen.  Must not
+#   be present in either $(srcdir) or $(builddir) for git-version-gen to
+#   give accurate answers during normal development with a checked out tree,
+#   but must be present in a tarball when there is no version control system.
+#   Therefore, it cannot be used in any dependencies.  GNUmakefile has
+#   hooks to force a reconfigure at distribution time to get the value
+#   correct, without penalizing normal development with extra reconfigures.
+#
+# .version - present in a checked-out repository and in a distribution
+#   tarball.  Usable in dependencies, particularly for files that don't
+#   want to depend on config.h but do want to track version changes.
+#   Delete this file prior to any autoconf run where you want to rebuild
+#   files to pick up a version string change; and leave it stale to
+#   minimize rebuild time after unrelated changes to configure sources.
+#
+# It is probably wise to add these two files to .gitignore, so that you
+# don't accidentally commit either generated file.
+#
+# Use the following line in your configure.ac, so that $(VERSION) will
+# automatically be up-to-date each time configure is run (and note that
+# since configure.ac no longer includes a version string, Makefile rules
+# should not depend on configure.ac for version updates).
+#
+# AC_INIT([GNU project],
+#         m4_esyscmd([build-aux/git-version-gen .tarball-version]),
+#         [bug-project@example])
+#
+# Then use the following lines in your Makefile.am, so that .version
+# will be present for dependencies, and so that .tarball-version will
+# exist in distribution tarballs.
+#
+# BUILT_SOURCES = $(top_srcdir)/.version
+# $(top_srcdir)/.version:
+#	echo $(VERSION) > $@-t && mv $@-t $@
+# dist-hook:
+#	echo $(VERSION) > $(distdir)/.tarball-version
+
+case $# in
+    1|2) ;;
+    *) echo 1>&2 "Usage: $0 \$srcdir/.tarball-version" \
+         '[TAG-NORMALIZATION-SED-SCRIPT]'
+       exit 1;;
+esac
+
+tarball_version_file=$1
+tag_sed_script="${2:-s/x/x/}"
+nl='
+'
+
+# Avoid meddling by environment variable of the same name.
+v=
+
+# First see if there is a tarball-only version file.
+# then try "git describe", then default.
+if test -f $tarball_version_file
+then
+    v=`cat $tarball_version_file` || exit 1
+    case $v in
+	*$nl*) v= ;; # reject multi-line output
+	[0-9]*) ;;
+	*) v= ;;
+    esac
+    test -z "$v" \
+	&& echo "$0: WARNING: $tarball_version_file seems to be damaged" 1>&2
+fi
+
+if test -n "$v"
+then
+    : # use $v
+elif test -d .git \
+    && v=`git describe --abbrev=4 --match='v*' HEAD 2>/dev/null \
+	  || git describe --abbrev=4 HEAD 2>/dev/null` \
+    && v=`printf '%s\n' "$v" | sed "$tag_sed_script"` \
+    && case $v in
+	 v[0-9]*) ;;
+	 *) (exit 1) ;;
+       esac
+then
+    # Is this a new git that lists number of commits since the last
+    # tag or the previous older version that did not?
+    #   Newer: v6.10-77-g0f8faeb
+    #   Older: v6.10-g0f8faeb
+    case $v in
+	*-*-*) : git describe is okay three part flavor ;;
+	*-*)
+	    : git describe is older two part flavor
+	    # Recreate the number of commits and rewrite such that the
+	    # result is the same as if we were using the newer version
+	    # of git describe.
+	    vtag=`echo "$v" | sed 's/-.*//'`
+	    numcommits=`git rev-list "$vtag"..HEAD | wc -l`
+	    v=`echo "$v" | sed "s/\(.*\)-\(.*\)/\1-$numcommits-\2/"`;
+	    ;;
+    esac
+
+    # Change the first '-' to a '.', so version-comparing tools work properly.
+    # Remove the "g" in git describe's output string, to save a byte.
+    v=`echo "$v" | sed 's/-/./;s/\(.*\)-g/\1-/'`;
+else
+    v=UNKNOWN
+fi
+
+v=`echo "$v" |sed 's/^v//'`
+
+# Don't declare a version "dirty" merely because a time stamp has changed.
+git update-index --refresh > /dev/null 2>&1
+
+dirty=`sh -c 'git diff-index --name-only HEAD' 2>/dev/null` || dirty=
+case "$dirty" in
+    '') ;;
+    *) # Append the suffix only if there isn't one already.
+	case $v in
+	  *-dirty) ;;
+	  *) v="$v-dirty" ;;
+	esac ;;
+esac
+
+# Omit the trailing newline, so that m4_esyscmd can use the result directly.
+echo "$v" | tr -d "$nl"
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:

build-aux/meson-dist

+#!/bin/bash
+
+set -e
+set -o pipefail
+
+if test "$1" = ""; then
+    echo "Version not provided" >&2
+    exit 1
+fi
+if ! test -d "$2"; then
+    echo "Source directory not provided" >&2
+    exit 1
+fi
+
+# generate tarball version
+echo "$1" > "$MESON_DIST_ROOT/.tarball-version"

meson.build

 project('libslirp', 'c',
-  version : '4.2.0',
+  version : run_command('build-aux/git-version-gen', '@0@/.tarball-version'.format(meson.source_root()), check : true).stdout().strip(),
   license : 'BSD-3-Clause',
-  default_options : ['warning_level=1', 'c_std=gnu99']
+  default_options : ['warning_level=1', 'c_std=gnu99'],
+  meson_version : '>= 0.49',
 )
 
+meson.add_dist_script('build-aux/meson-dist', meson.project_version(), meson.source_root())
+
 version = meson.project_version()
 varr = version.split('.')
 major_version = varr[0]
@@ -14,6 +17,7 @@ conf = configuration_data()
 conf.set('SLIRP_MAJOR_VERSION', major_version)
 conf.set('SLIRP_MINOR_VERSION', minor_version)
 conf.set('SLIRP_MICRO_VERSION', micro_version)
+conf.set_quoted('SLIRP_VERSION_STRING', version)
 
 # libtool versioning - this applies to libslirp
 #
@@ -33,7 +37,7 @@ conf.set('SLIRP_MICRO_VERSION', micro_version)
 #   fixed, change:
 #      REVISION += 1
 lt_current = 2
-lt_revision = 0
+lt_revision = 1
 lt_age = 2
 lt_version = '@0@.@1@.@2@'.format(lt_current - lt_age, lt_age, lt_revision)
 

src/ip_input.c

@@ -327,8 +327,7 @@ insert:
      */
     q = fp->frag_link.next;
     m = dtom(slirp, q);
-
-    int was_ext = m->m_flags & M_EXT;
+    int delta = (char *)q - (m->m_flags & M_EXT ? m->m_ext : m->m_dat);
 
     q = (struct ipasfrag *)q->ipf_next;
     while (q != (struct ipasfrag *)&fp->frag_link) {
@@ -351,8 +350,7 @@ insert:
      * then an m_ext buffer was alloced. But fp->ipq_next points to the old
      * buffer (in the mbuf), so we must point ip into the new buffer.
      */
-    if (!was_ext && m->m_flags & M_EXT) {
-        int delta = (char *)q - m->m_dat;
+    if (m->m_flags & M_EXT) {
         q = (struct ipasfrag *)(m->m_ext + delta);
     }
 

src/libslirp-version.h.in

@@ -9,6 +9,7 @@ extern "C" {
 #define SLIRP_MAJOR_VERSION @SLIRP_MAJOR_VERSION@
 #define SLIRP_MINOR_VERSION @SLIRP_MINOR_VERSION@
 #define SLIRP_MICRO_VERSION @SLIRP_MICRO_VERSION@
+#define SLIRP_VERSION_STRING @SLIRP_VERSION_STRING@
 
 #define SLIRP_CHECK_VERSION(major,minor,micro)                          \
     (SLIRP_MAJOR_VERSION > (major) ||                                   \

src/libslirp.h

@@ -67,7 +67,7 @@ typedef struct SlirpCb {
 } SlirpCb;
 
 #define SLIRP_CONFIG_VERSION_MIN 1
-#define SLIRP_CONFIG_VERSION_MAX 2
+#define SLIRP_CONFIG_VERSION_MAX 3
 
 typedef struct SlirpConfig {
     /* Version must be provided */
@@ -109,6 +109,10 @@ typedef struct SlirpConfig {
      */
     struct sockaddr_in *outbound_addr;
     struct sockaddr_in6 *outbound_addr6;
+    /*
+     * Fields introduced in SlirpConfig version 3 begin
+     */
+    bool disable_dns;  /* slirp will not redirect/serve any DNS packet */
 } SlirpConfig;
 
 Slirp *slirp_new(const SlirpConfig *cfg, const SlirpCb *callbacks,

src/slirp.c

@@ -29,6 +29,11 @@
 #include <net/if.h>
 #endif
 
+/* https://gitlab.freedesktop.org/slirp/libslirp/issues/18 */
+#if defined(__NetBSD__) && defined(if_mtu)
+#undef if_mtu
+#endif
+
 int slirp_debug;
 
 /* Define to 1 if you want KEEPALIVE timers */
@@ -333,6 +338,13 @@ Slirp *slirp_new(const SlirpConfig *cfg, const SlirpCb *callbacks, void *opaque)
         slirp->outbound_addr = NULL;
         slirp->outbound_addr6 = NULL;
     }
+
+    if (cfg->version >= 3) {
+        slirp->disable_dns = cfg->disable_dns;
+    } else {
+        slirp->disable_dns = false;
+    }
+
     return slirp;
 }
 

src/slirp.h

@@ -202,6 +202,7 @@ struct Slirp {
 
     struct sockaddr_in *outbound_addr;
     struct sockaddr_in6 *outbound_addr6;
+    bool disable_dns; /* slirp will not redirect/serve any DNS packet */
 };
 
 void if_start(Slirp *);

src/socket.c

@@ -821,8 +821,8 @@ void sofwdrain(struct socket *so)
 
 static bool sotranslate_out4(Slirp *s, struct socket *so, struct sockaddr_in *sin)
 {
-    if (so->so_faddr.s_addr == s->vnameserver_addr.s_addr) {
-        return get_dns_addr(&sin->sin_addr) >= 0;
+    if (!s->disable_dns && so->so_faddr.s_addr == s->vnameserver_addr.s_addr) {
+        return so->so_fport == htons(53) && get_dns_addr(&sin->sin_addr) >= 0;
     }
 
     if (so->so_faddr.s_addr == s->vhost_addr.s_addr ||
@@ -839,8 +839,13 @@ static bool sotranslate_out4(Slirp *s, struct socket *so, struct sockaddr_in *si
 
 static bool sotranslate_out6(Slirp *s, struct socket *so, struct sockaddr_in6 *sin)
 {
-    if (in6_equal(&so->so_faddr6, &s->vnameserver_addr6)) {
-        return get_dns6_addr(&sin->sin6_addr, &sin->sin6_scope_id) >= 0;
+    if (!s->disable_dns && in6_equal(&so->so_faddr6, &s->vnameserver_addr6)) {
+        uint32_t scope_id;
+        if (so->so_fport == htons(53) && get_dns6_addr(&sin->sin6_addr, &scope_id) >= 0) {
+            sin->sin6_scope_id = scope_id;
+            return true;
+        }
+        return false;
     }
 
     if (in6_equal_net(&so->so_faddr6, &s->vprefix_addr6, s->vprefix_len) ||

src/version.c

 /* SPDX-License-Identifier: BSD-3-Clause */
 #include "libslirp.h"
-#include "util.h"
 
 const char *
 slirp_version_string(void)
 {
-    return stringify(SLIRP_MAJOR_VERSION) "."
-        stringify(SLIRP_MINOR_VERSION) "."
-        stringify(SLIRP_MICRO_VERSION);
+    return SLIRP_VERSION_STRING;
 }