Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Added

Changed

Deprecated

Fixed

4.4.0 - 2020-12-02

Added

  • udp, udp6, icmp: handle TTL value. !48
  • Enable forwarding ICMP errors. !49
  • Add DNS resolving for iOS. !54

Changed

  • Improve meson subproject() support. !53
  • Removed Makefile-based build system. !56

Fixed

  • socket: consume empty packets. !55
  • check pkt_len before reading protocol header (CVE-2020-29129). !57
  • ip_stripoptions use memmove (fixes undefined behaviour). !47
  • various Coverity-related changes/fixes.

4.3.1 - 2020-07-08

Changed

  • A silent truncation could occur in slirp_fmt(), which will now print a critical message. See also #22.

Fixed

  • CVE-2020-10756 - Drop bogus IPv6 messages that could lead to data leakage. See !44 and !42.
  • Fix win32 builds by using the SLIRP_PACKED definition.
  • Various coverity scan errors fixed. !41
  • Fix new GCC warnings. !43

4.3.0 - 2020-04-22

Added

  • SLIRP_VERSION_STRING macro, with the git sha suffix when building from git
  • SlirpConfig.disable_dns, to disable DNS redirection #16

Changed

  • slirp_version_string() now has the git sha suffix when building form git
  • Limit DNS redirection to port 53 #16

Fixed

  • Fix build regression with mingw & NetBSD
  • Fix use-afte-free in ip_reass() (CVE-2020-1983)

4.2.0 - 2020-03-17

Added

  • New API function slirp_add_unix: add a forward rule to a Unix socket.
  • New API function slirp_remove_guestfwd: remove a forward rule previously added by slirp_add_exec, slirp_add_unix or slirp_add_guestfwd
  • New SlirpConfig.outbound_addr{,6} fields to bind output socket to a specific address

Changed

  • socket: do not fallback on host loopback if get_dns_addr() failed or the address is in slirp network

Fixed

  • ncsi: fix checksum OOB memory access
  • tcp_emu(): fix OOB accesses
  • tftp: restrict relative path access
  • state: fix loading of guestfwd state

4.1.0 - 2019-12-02

Added

  • The slirp_new() API, simpler and more extensible than slirp_init().
  • Allow custom MTU configuration.
  • Option to disable host loopback connections.
  • CI now runs scan-build too.

Changed

  • Disable tcp_emu() by default. tcp_emu() is known to have caused several CVEs, and not useful today in most cases. The feature can be still enabled by setting SlirpConfig.enable_emu to true.
  • meson build system is now subproject() friendly.
  • Replace remaining malloc()/free() with glib (which aborts on OOM)
  • Various code cleanups.

Deprecated

  • The slirp_init() API.

Fixed

  • getpeername() error after shutdown(SHUT_WR).
  • Exec forward: correctly parse command lines that contain spaces.
  • Allow 0.0.0.0 destination address.
  • Make host receive broadcast packets.
  • Various memory related fixes (heap overflow, leaks, NULL dereference).
  • Compilation warnings, dead code.

4.0.0 - 2019-05-24

Added

  • Installable as a shared library.
  • meson build system (& make build system for in-tree QEMU integration)

Changed

  • Standalone project, removing any QEMU dependency.
  • License clarifications.