From 97b2a99317c20d21543fd31b66b09252123499cf Mon Sep 17 00:00:00 2001
From: dashnfschina <dash@nfschina.com>
Date: Fri, 5 Jul 2024 05:43:00 -0400
Subject: [PATCH] fix cve-2024-5564

---
 0001-libndp-fix-CVE-2024-5564.patch | 34 +++++++++++++++++++++++++++++
 libndp.spec                         |  8 ++++++-
 2 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 0001-libndp-fix-CVE-2024-5564.patch

diff --git a/0001-libndp-fix-CVE-2024-5564.patch b/0001-libndp-fix-CVE-2024-5564.patch
new file mode 100644
index 0000000..01b44a9
--- /dev/null
+++ b/0001-libndp-fix-CVE-2024-5564.patch
@@ -0,0 +1,34 @@
+From 48f78cbbfa6e7cebec49c3003877c27e81722bf3 Mon Sep 17 00:00:00 2001
+From: dashnfschina <dash@nfschina.com>
+Date: Fri, 5 Jul 2024 03:03:29 -0400
+Subject: [PATCH] 2
+
+---
+ libndp/libndp.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/libndp/libndp.c b/libndp/libndp.c
+index 6314717..72ec92e 100644
+--- a/libndp/libndp.c
++++ b/libndp/libndp.c
+@@ -1231,6 +1231,17 @@ static bool ndp_msg_opt_route_check_valid(void *opt_data)
+ 	 */
+ 	if (((ri->nd_opt_ri_prf_reserved >> 3) & 3) == 2)
+ 		return false;
++
++	/* The Length field is 1, 2, or 3 depending on the Prefix Length.
++	 * If Prefix Length is greater than 64, then Length must be 3.
++	 * If Prefix Length is greater than 0, then Length must be 2 or 3.
++	 * If Prefix Length is zero, then Length must be 1, 2, or 3.
++	 */
++	if (ri->nd_opt_ri_len > 3 ||
++	    (ri->nd_opt_ri_prefix_len > 64 && ri->nd_opt_ri_len != 3) ||
++	    (ri->nd_opt_ri_prefix_len > 0 && ri->nd_opt_ri_len == 1))
++		return false;
++
+ 	return true;
+ }
+ 
+-- 
+2.18.2
+
diff --git a/libndp.spec b/libndp.spec
index 9fb348f..04c8283 100644
--- a/libndp.spec
+++ b/libndp.spec
@@ -1,4 +1,4 @@
-%define anolis_release 2
+%define anolis_release 3
 Name: libndp
 Version: 1.8
 Release: %{anolis_release}%{?dist}
@@ -7,6 +7,8 @@ License: LGPLv2+
 URL: http://www.libndp.org/
 Source: http://www.libndp.org/files/libndp-%{version}.tar.gz
 
+Patch0: 0001-libndp-fix-CVE-2024-5564.patch
+
 BuildRequires:  gcc
 BuildRequires: make
 %description
@@ -24,6 +26,7 @@ necessary for developing programs using libndp.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 %configure --disable-static
@@ -52,6 +55,9 @@ find $RPM_BUILD_ROOT -name \*.la -delete
 %{_libdir}/pkgconfig/*.pc
 
 %changelog
+* Fri Jul 05 2024 dash <dash@nfschina.com> - 1.8-3
+- fix CVE-2024-5564
+
 * Mon Oct 24 2022 mgb01105731 <mgb01105731@alibaba-inc.com> - 1.8-2
 - optimise spec file
 
-- 
Gitee