From: Dan Carpenter <dan.carpenter@oracle.com>
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields
Date: Tue, 6 Dec 2016 14:57:34 +0300 [thread overview]
Message-ID: <20161206115734.GA30548@elgon.mountain> (raw)
Hello Pablo Neira Ayuso,
The patch 556c291b3a1b: "netfilter: nft_payload: layer 4 checksum
adjustment for pseudoheader fields" from Nov 24, 2016, leads to the
following static checker warning:
net/netfilter/nft_payload.c:301 nft_payload_set_eval()
error: uninitialized symbol 'fsum'.
net/netfilter/nft_payload.c
253 static void nft_payload_set_eval(const struct nft_expr *expr,
254 struct nft_regs *regs,
255 const struct nft_pktinfo *pkt)
256 {
257 const struct nft_payload_set *priv = nft_expr_priv(expr);
258 struct sk_buff *skb = pkt->skb;
259 const u32 *src = ®s->data[priv->sreg];
260 int offset, csum_offset;
261 __wsum fsum, tsum;
262 __sum16 sum;
263
264 switch (priv->base) {
265 case NFT_PAYLOAD_LL_HEADER:
266 if (!skb_mac_header_was_set(skb))
267 goto err;
268 offset = skb_mac_header(skb) - skb->data;
269 break;
270 case NFT_PAYLOAD_NETWORK_HEADER:
271 offset = skb_network_offset(skb);
272 break;
273 case NFT_PAYLOAD_TRANSPORT_HEADER:
274 if (!pkt->tprot_set)
275 goto err;
276 offset = pkt->xt.thoff;
277 break;
278 default:
279 BUG();
280 }
281
282 csum_offset = offset + priv->csum_offset;
283 offset += priv->offset;
284
285 if (priv->csum_type == NFT_PAYLOAD_CSUM_INET &&
286 (priv->base != NFT_PAYLOAD_TRANSPORT_HEADER ||
287 skb->ip_summed != CHECKSUM_PARTIAL)) {
288 if (skb_copy_bits(skb, csum_offset, &sum, sizeof(sum)) < 0)
289 goto err;
290
291 fsum = skb_checksum(skb, offset, priv->len, 0);
fsum is only set inside this if statement.
292 tsum = csum_partial(src, priv->len, 0);
293 nft_csum_replace(&sum, fsum, tsum);
294
295 if (!skb_make_writable(skb, csum_offset + sizeof(sum)) ||
296 skb_store_bits(skb, csum_offset, &sum, sizeof(sum)) < 0)
297 goto err;
298 }
299
300 if (priv->csum_flags &&
301 nft_payload_l4csum_update(pkt, skb, fsum, tsum) < 0)
but we use it here. I don't know for sure this is a bug...
302 goto err;
303
304 if (!skb_make_writable(skb, max(offset + priv->len, 0)) ||
305 skb_store_bits(skb, offset, src, priv->len) < 0)
306 goto err;
307
308 return;
309 err:
310 regs->verdict.code = NFT_BREAK;
311 }
regards,
dan carpenter
next reply other threads:[~2016-12-06 12:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-06 11:57 Dan Carpenter [this message]
2016-12-06 12:16 ` [bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields Pablo Neira Ayuso
2016-12-06 12:24 ` Dan Carpenter
2016-12-06 12:32 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161206115734.GA30548@elgon.mountain \
--to=dan.carpenter@oracle.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.