From: Patrick McHardy <kaber@trash.net>
To: Pablo Neira <pablo@eurodev.net>
Cc: Harald Welte <laforge@netfilter.org>,
	netfilter-devel@lists.netfilter.org
Subject: Re: patch for conntrack expectations
Date: Thu, 04 Mar 2004 00:23:23 +0100
Message-ID: <404668EB.1080400@trash.net>
In-Reply-To: <403CD128.40101@eurodev.net>

Hi Pablo,
this patch is not correct as far as I can see. With your new API,
ip_conntrack_expect_related owns the memory after being called.
The cleaned up amanda helper reuses the same memory for all
expectations and expects ip_conntrack_expect_related to allocate
new memory and copy the data, so this will result in corruption.
It also leaks memory if the loop is left early. One thing that
seems to affect all changed helpers, you return -ENOMEM when
ip_conntrack_expect_alloc() fails, in this case while holding
a lock. You should return NF_DROP instead.

Can you please send a new patch?

Regards
Patrick

Pablo Neira wrote:
> Attached my patch for Patrick's amanda helper to use the new
> expect_alloc api.
> 
> Pablo
> 
> --- linux-2.6.3-old/net/ipv4/netfilter/ip_conntrack_amanda.c	2004-02-25 17:34:05.000000000 +0100
> +++ linux-2.6.3/net/ipv4/netfilter/ip_conntrack_amanda.c	2004-02-25 17:39:34.000000000 +0100
> @@ -46,7 +46,7 @@
>  static int help(struct sk_buff *skb,
>                  struct ip_conntrack *ct, enum ip_conntrack_info ctinfo)
>  {
> -	struct ip_conntrack_expect exp;
> +	struct ip_conntrack_expect *exp;
>  	struct ip_ct_amanda_expect *exp_amanda_info;
>  	char *data, *data_limit, *tmp;
>  	unsigned int dataoff, i;
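Review bot: `exp` is now an uninitialised pointer at the top of help(), and the next hunk still has a `goto out` that runs before ip_conntrack_expect_alloc() is called. Initialise it (`struct ip_conntrack_expect *exp = NULL;`) so that any cleanup added at `out:` can tell whether an allocation is outstanding.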
> @@ -79,20 +79,22 @@
>  		goto out;
>  	data += strlen("CONNECT ");
>  
> -	memset(&exp, 0, sizeof(exp));
> -	exp.tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
> -	exp.tuple.dst.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
> -	exp.tuple.dst.protonum = IPPROTO_TCP;
> -	exp.mask.src.ip = 0xFFFFFFFF;
> -	exp.mask.dst.ip = 0xFFFFFFFF;
> -	exp.mask.dst.protonum = 0xFFFF;
> -	exp.mask.dst.u.tcp.port = 0xFFFF;
> +	if (ip_conntrack_expect_alloc(&exp) < 0)
> +		return -ENOMEM;
> +	
> +	exp->tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
> +	exp->tuple.dst.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
> +	exp->tuple.dst.protonum = IPPROTO_TCP;
> +	exp->mask.src.ip = 0xFFFFFFFF;
> +	exp->mask.dst.ip = 0xFFFFFFFF;
> +	exp->mask.dst.protonum = 0xFFFF;
> +	exp->mask.dst.u.tcp.port = 0xFFFF;
>  
>  	/* Only search first line. */	
>  	if ((tmp = strchr(data, '\n')))
>  		*tmp = '\0';
>  
> -	exp_amanda_info = &exp.help.exp_amanda_info;
> +	exp_amanda_info = &exp->help.exp_amanda_info;
>  	for (i = 0; i < ARRAY_SIZE(conns); i++) {
>  		char *match = strstr(data, conns[i]);
>  		if (!match)
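Review bot: the `return -ENOMEM` after ip_conntrack_expect_alloc() leaves help() directly, whereas the failure path just above it uses `goto out`. As the reply above points out, a lock is held at this point and the helper should return NF_DROP, so this path should go through `out:` with an NF_DROP verdict rather than return an errno. The allocation also sits before the `for` loop over `conns`, so only one object exists however many matches the loop finds; it belongs inside the loop, once per match.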
> @@ -104,8 +106,8 @@
>  		if (exp_amanda_info->port == 0 || exp_amanda_info->len > 5)
>  			break;
>  
> -		exp.tuple.dst.u.tcp.port = htons(exp_amanda_info->port);
> -		ip_conntrack_expect_related(ct, &exp);
> +		exp->tuple.dst.u.tcp.port = htons(exp_amanda_info->port);
> +		ip_conntrack_expect_related(exp, ct);
>  	}
>  
>  out:
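Review bot: ip_conntrack_expect_related(exp, ct) is called inside the loop on the same `exp` every time, and with the new API the callee owns that memory after the call, so the next iteration's write to `exp->tuple.dst.u.tcp.port` modifies an expectation the helper no longer owns. The `break` on `port == 0 || len > 5` just above also leaves the loop with `exp` neither registered nor released. Allocate one expectation per match, release it on the `break` path, and check the return value of ip_conntrack_expect_related(), which is ignored here.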
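The ownership problem described in the reply above, modelled in user space as an added example (not code from this thread or from the kernel). `struct registry`, `expect_alloc`, `expect_free`, `expect_related` and both helpers are hypothetical stand-ins, and the ports are constructed sample values; the model applies to any helper that registers several expectations from one packet, not only amanda.

```c
#include <stdio.h>
#include <stdlib.h>
/* User-space model; every name below is hypothetical, not kernel API. */
struct expect { unsigned short port; };
struct registry {
    struct expect *slot[8];   /* pointers the registry owns */
    int used, helper_owned;   /* helper_owned: allocated, not handed over or freed */
};
static struct expect *expect_alloc(struct registry *r) {
    struct expect *e = calloc(1, sizeof(*e));
    if (e) r->helper_owned++;
    return e;
}
static void expect_free(struct registry *r, struct expect *e) { free(e); r->helper_owned--; }
/* Ownership moves to the registry; the caller must not reuse e afterwards. */
static void expect_related(struct registry *r, struct expect *e) {
    r->slot[r->used++] = e; r->helper_owned--;
}

/* Shape of the patch under review: one allocation reused for every match. */
static void help_reuse(struct registry *r, const unsigned short *ports, int n) {
    struct expect *e = expect_alloc(r);
    if (!e) return;
    for (int i = 0; i < n; i++) {
        if (ports[i] == 0) break;   /* early exit: e neither freed nor handed over */
        e->port = ports[i];         /* rewrites an object the registry may already own */
        expect_related(r, e);
    }
}

/* One allocation per expectation, released on the early-exit path. */
static void help_per_match(struct registry *r, const unsigned short *ports, int n) {
    for (int i = 0; i < n; i++) {
        struct expect *e = expect_alloc(r);
        if (!e) return;
        if (ports[i] == 0) { expect_free(r, e); break; }
        e->port = ports[i];
        expect_related(r, e);
    }
}

int main(void) {
    unsigned short ports[] = { 10080, 10081 };   /* constructed sample ports */
    struct registry bad = {0}, good = {0};
    help_reuse(&bad, ports, 2);
    help_per_match(&good, ports, 2);
    printf("reuse: %d %d  per-match: %d %d\n", bad.slot[0]->port, bad.slot[1]->port,
           good.slot[0]->port, good.slot[1]->port);
    return 0;
}
```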
