From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org,
Arturo Borrero <arturo.borrero.glez@gmail.com>
Subject: Re: [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions
Date: Fri, 12 Aug 2016 02:44:58 +0200 [thread overview]
Message-ID: <20160812004458.GF10197@orbyte.nwl.cc> (raw)
In-Reply-To: <20160811234202.GA5290@salvia>
On Fri, Aug 12, 2016 at 01:42:02AM +0200, Pablo Neira Ayuso wrote:
> On Fri, Aug 12, 2016 at 01:33:34AM +0200, Phil Sutter wrote:
> > From: Phil Sutter <psutter@redhat.com>
> >
> > This is an ugly aspect of the SNPRINTF_BUFFER_SIZE() macro: it contains
> > a return statement and if that triggers, the function returns without
> > freeing the iterator object. Therefore duplicate the 'ret < 0' check
> > before calling it, freeing the iterator knowing that we will bail out
> > immediately afterwards anyway.
> >
> > Cc: Arturo Borrero <arturo.borrero.glez@gmail.com>
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
> > ---
> > src/ruleset.c | 16 ++++++++++++++++
> > 1 file changed, 16 insertions(+)
> >
> > diff --git a/src/ruleset.c b/src/ruleset.c
> > index 666bcc7a246b6..93cf95ab61e15 100644
> > --- a/src/ruleset.c
> > +++ b/src/ruleset.c
> > @@ -888,12 +888,16 @@ nftnl_ruleset_snprintf_table(char *buf, size_t size,
> > t = nftnl_table_list_iter_next(ti);
> > while (t != NULL) {
> > ret = nftnl_table_snprintf(buf+offset, len, t, type, flags);
> > + if (ret < 0)
> > + nftnl_table_list_iter_destroy(ti);
> > SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
>
> Better get rid of the obscure if (ret < 0) hidden in
> SNPRINT_BUFFER_SIZE.
>
> Or simply set:
>
> if (ret < 0)
> ret = 0;
>
> in SNPRINT_BUFFER_SIZE.
Hmm. This means we will lose error propagation. Given how widely this
macro is being used (grep says 200 calls), this needs a good second
thought.
Thanks, Phil
next prev parent reply other threads:[~2016-08-12 0:45 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-11 23:33 [libnftnl PATCH 0/7] A bunch of covscan detected fixes Phil Sutter
2016-08-11 23:33 ` [libnftnl PATCH 1/7] set: prevent memleak in nftnl_jansson_parse_set_info() Phil Sutter
2016-08-11 23:33 ` [libnftnl PATCH 2/7] ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions Phil Sutter
2016-08-11 23:42 ` Pablo Neira Ayuso
2016-08-12 0:44 ` Phil Sutter [this message]
2016-08-12 8:38 ` Pablo Neira Ayuso
2016-08-11 23:33 ` [libnftnl PATCH 3/7] expr/ct: prevent array index overrun in ctkey2str() Phil Sutter
2016-08-11 23:33 ` [libnftnl PATCH 4/7] expr/limit: Drop unreachable code in limit_to_type() Phil Sutter
2016-08-11 23:33 ` [libnftnl PATCH 5/7] common: Avoid integer overflow in nftnl_batch_is_supported() Phil Sutter
2016-08-11 23:48 ` Pablo Neira Ayuso
2016-08-11 23:33 ` [libnftnl PATCH 6/7] Avoid returning uninitialized data Phil Sutter
2016-08-11 23:33 ` [libnftnl PATCH 7/7] ruleset: Initialize ctx.flags before calling nftnl_ruleset_ctx_set() Phil Sutter
2016-08-11 23:58 ` [libnftnl PATCH 0/7] A bunch of covscan detected fixes Pablo Neira Ayuso
2016-08-12 0:05 ` Pablo Neira Ayuso
2016-08-12 0:47 ` Phil Sutter
2016-08-12 8:40 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160812004458.GF10197@orbyte.nwl.cc \
--to=phil@nwl.cc \
--cc=arturo.borrero.glez@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.