From 325a49fcd3ffba4c5015d503cae8c2a5d1584458 Mon Sep 17 00:00:00 2001
From: Michel Lind <salimma@fedoraproject.org>
Date: Sep 06 2023 20:08:01 +0000
Subject: Update to 0.3


- Prevent invalid fragment values from leading to a buffer overrun
- Use SPDX license identifier

Signed-off-by: Michel Lind <salimma@fedoraproject.org>

---

diff --git a/.gitignore b/.gitignore
index fabcb23..8090306 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 /netconsd-d558dc611983792288ab767259d2c258aaccfc05.tar.gz
 /netconsd-0.1.tar.gz
 /netconsd-0.2.tar.gz
+/netconsd-0.3.tar.gz
diff --git a/netconsd-prevent-overflow.diff b/netconsd-prevent-overflow.diff
new file mode 100644
index 0000000..6b3036a
--- /dev/null
+++ b/netconsd-prevent-overflow.diff
@@ -0,0 +1,37 @@
+From dc94f1468e21503c7f666c25649d6bee3d6d6524 Mon Sep 17 00:00:00 2001
+From: JP Kobryn <jpkobryn@meta.com>
+Date: Tue, 5 Sep 2023 12:10:21 -0700
+Subject: [PATCH] prevent overflow on invalid fragment values
+
+Summary: prevent invalid fragment values from leading to a buffer overrun
+
+Reviewed By: kernelslacker
+
+Differential Revision: D48924553
+
+fbshipit-source-id: 786e7afc3d4f361235e9d5be8b9292da032f2d27
+---
+ ncrx/libncrx.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/ncrx/libncrx.c b/ncrx/libncrx.c
+index 1ba31d2..89c78d7 100644
+--- a/ncrx/libncrx.c
++++ b/ncrx/libncrx.c
+@@ -599,6 +599,16 @@ static int ncrx_queue_payload(const char *payload, struct ncrx *ncrx,
+ 		int off = tmsg.ncfrag_off;
+ 		int i;
+ 
++		/*
++		 * we're merging a text fragment into the message text buffer.
++		 * the checks done here ensure that the received fragment values
++		 * are within bounds of the message text buffer.
++		 */
++		if (off >= msg->text_len ||
++			off + tmsg.ncfrag_len > msg->text_len) {
++			return -1;
++		}
++
+ 		for (i = 0; i < tmsg.ncfrag_len; i++) {
+ 			if (msg->text[off + i])
+ 				continue;
diff --git a/netconsd.spec b/netconsd.spec
index 8baefcd..b565dbd 100644
--- a/netconsd.spec
+++ b/netconsd.spec
@@ -1,11 +1,11 @@
 %global forgeurl https://github.com/facebook/netconsd
 
 Name:           netconsd
-Version:        0.2
+Version:        0.3
 Release:        %autorelease
 Summary:        The Netconsole Daemon
 
-License:        BSD
+License:        BSD-3-Clause
 URL:            https://facebookmicrosites.github.io/netconsd
 Source:         %{forgeurl}/archive/v%{version}/%{name}-%{version}.tar.gz
 
diff --git a/sources b/sources
index 68aec0b..363c803 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (netconsd-0.2.tar.gz) = c3657f69da7fb8794743d9c4b752b69c8b2bb1cd3d748d99fc3ae929660dfaa7ce50da6831b65b9dcbd916a829634deeca5787346b208cd9c63c0828881eb8e4
+SHA512 (netconsd-0.3.tar.gz) = 0150f0f79963dd4711a9d3ff1b781983c413cc76479d42d8fa9176d1cf4c32ea57d6863624d5ffe00fb7c190b140df2e856a100dc6f8df28fa289166af4394d4