From: Stephen Hemminger <stephen@networkplumber.org>
To: Vlad Dumitrescu <vlad@dumitrescu.ro>
Cc: chrism@mellanox.com, Mahesh Bandewar <maheshb@google.com>,
	netdev@vger.kernel.org, Vlad Dumitrescu <vladum@google.com>
Subject: Re: [PATCH iproute2] lib/libnetlink: fix response seq check
Date: Wed, 3 Oct 2018 16:50:31 -0700
Message-ID: <20181003165031.24d3bdc6@xeon-e3>
In-Reply-To: <CALpBo+WyoSH5o+Vg1j_jjA9e_UeVB=9x7q+szPW330J=zdJWqg@mail.gmail.com>

On Wed, 3 Oct 2018 16:01:40 -0700
Vlad Dumitrescu <vlad@dumitrescu.ro> wrote:

> Hi,
> 
> On Fri, Sep 28, 2018 at 10:14 AM <vlad@dumitrescu.ro> wrote:
> >
> > From: Vlad Dumitrescu <vladum@google.com>
> >
> > Taking a one-iovec example, with rtnl->seq at 42. iovlen == 1, seq
> > becomes 43 on line 604, and a message is sent with nlmsg_seq == 43. If
> > a response with nlmsg_seq of 42 is received, the condition being fixed
> > in this patch would incorrectly accept it.
> >
> > Fixes: 72a2ff3916e5 ("lib/libnetlink: Add a new function rtnl_talk_iov")
> > Signed-off-by: Vlad Dumitrescu <vladum@google.com>
> > ---
> >  lib/libnetlink.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> > index f18dceac..4d2416bf 100644
> > --- a/lib/libnetlink.c
> > +++ b/lib/libnetlink.c
> > @@ -647,7 +647,7 @@ static int __rtnl_talk_iov(struct rtnl_handle *rtnl, struct iovec *iov,
> >
> >                         if (nladdr.nl_pid != 0 ||
> >                             h->nlmsg_pid != rtnl->local.nl_pid ||
> > -                           h->nlmsg_seq > seq || h->nlmsg_seq < seq - iovlen) {
> > +                           h->nlmsg_seq > seq || h->nlmsg_seq < seq - iovlen + 1) {
> >                                 /* Don't forget to skip that message. */
> >                                 status -= NLMSG_ALIGN(len);
> >                                 h = (struct nlmsghdr *)((char *)h + NLMSG_ALIGN(len));
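
Review bot: the new lower bound on the changed line, `h->nlmsg_seq < seq - iovlen + 1`, has no comment saying that the accepted range is the iovlen sequence numbers ending at seq, so the `+ 1` reads as arbitrary; a one-line comment above the condition, or a named local holding `seq - iovlen + 1`, would document it. With the commit message's numbers (seq 43, iovlen 1) the old test accepts both 42 and 43 and the new test accepts only 43, which matches the single message sent. The declarations of seq and iovlen are not visible in this hunk; if they are unsigned, the subtraction wraps whenever iovlen exceeds seq + 1, so that case is worth confirming against the declarations, and a test that feeds a reply carrying the previous sequence number would pin the behaviour down.
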
> > --
> > 2.19.0.605.g01d371f741-goog  
> 
> Did anybody get a chance to review this? I'm not 100% sure I'm fixing
> the right thing.
> 
> Thanks,
> Vlad

Could you give an example where this failed?
Better yet one of the tests.

Thread overview: 3+ messages
2018-09-28 17:13 [PATCH iproute2] lib/libnetlink: fix response seq check vlad
2018-10-03 23:01 ` Vlad Dumitrescu
2018-10-03 23:50   ` Stephen Hemminger [this message]