* Something like a bug
@ 2008-04-14 7:27 Rick Xu
2008-04-15 15:47 ` Pablo Neira Ayuso
0 siblings, 1 reply; 7+ messages in thread
From: Rick Xu @ 2008-04-14 7:27 UTC (permalink / raw)
To: netfilter-devel
--
Thanks,
Rick
Hi, I found something strange in libnfnetlink.c, have a look at the
following function:
int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
const void *data, int alen)
{
......
if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
errno = ENOSPC;
return -1;
}
subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
.....
}
NFA_OK looks so weird here. I think it should be:
int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
const void *data, int alen)
{
......
if ( NFA_ALIGN(nfa->nfa_len) + NFA_LENGTH(len) > maxlen) {
errno = ENOSPC;
return -1;
}
subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN( nfa->nfa_len));
.....
}
Please kindly correct me if I made a mistake.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Something like a bug
2008-04-14 7:27 Something like a bug Rick Xu
@ 2008-04-15 15:47 ` Pablo Neira Ayuso
2008-04-15 16:00 ` Rick Xu
0 siblings, 1 reply; 7+ messages in thread
From: Pablo Neira Ayuso @ 2008-04-15 15:47 UTC (permalink / raw)
To: Rick Xu; +Cc: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 1121 bytes --]
Rick Xu wrote:
> int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
> const void *data, int alen)
> {
> ......
>
> if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
> errno = ENOSPC;
> return -1;
> }
>
> subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
>
> .....
> }
>
> NFA_OK looks so weird here. I think it should be:
> int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
> const void *data, int alen)
> {
> ......
>
> if ( NFA_ALIGN(nfa->nfa_len) + NFA_LENGTH(len) > maxlen) {
> errno = ENOSPC;
> return -1;
> }
>
> subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN( nfa->nfa_len));
>
> .....
> }
>
> Please kindly correct me if I made a mistake.
Indeed, that function is completely broken but it does not have any
known client.
It seems a leftover of the days when we didn't have anything better to
nest attributes, so that it's completely useless these days. I have
fixed in SVN anyway. Patch attached.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 1039 bytes --]
Index: configure.in
===================================================================
--- configure.in (revisión: 7400)
+++ configure.in (copia de trabajo)
@@ -4,7 +4,7 @@
AC_CANONICAL_SYSTEM
-AM_INIT_AUTOMAKE(libnfnetlink, 0.0.33)
+AM_INIT_AUTOMAKE(libnfnetlink, 0.0.34)
AC_PROG_CC
AC_EXEEXT
Index: src/libnfnetlink.c
===================================================================
--- src/libnfnetlink.c (revisión: 7400)
+++ src/libnfnetlink.c (copia de trabajo)
@@ -799,16 +799,16 @@
assert(maxlen > 0);
assert(type >= 0);
- if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
+ if (NFA_ALIGN(nfa->nfa_len) + len > maxlen) {
errno = ENOSPC;
return -1;
}
- subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
+ subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN(nfa->nfa_len));
subnfa->nfa_type = type;
subnfa->nfa_len = len;
memcpy(NFA_DATA(subnfa), data, alen);
- nfa->nfa_len = (NLMSG_ALIGN(nfa->nfa_len) + len);
+ nfa->nfa_len = NFA_ALIGN(nfa->nfa_len) + len;
return 0;
}
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Something like a bug
2008-04-15 15:47 ` Pablo Neira Ayuso
@ 2008-04-15 16:00 ` Rick Xu
2008-04-15 17:21 ` Jan Engelhardt
0 siblings, 1 reply; 7+ messages in thread
From: Rick Xu @ 2008-04-15 16:00 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel
On Tue, Apr 15, 2008 at 11:47 PM, Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> Rick Xu wrote:
> > int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
> > const void *data, int alen)
> > {
> > ......
> >
> > if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
> > errno = ENOSPC;
> > return -1;
> > }
> >
> > subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
> >
> > .....
> > }
> >
> > NFA_OK looks so weird here. I think it should be:
> > int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
> > const void *data, int alen)
> > {
> > ......
> >
> > if ( NFA_ALIGN(nfa->nfa_len) + NFA_LENGTH(len) > maxlen) {
> > errno = ENOSPC;
> > return -1;
> > }
> >
> > subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN( nfa->nfa_len));
> >
> > .....
> > }
> >
> > Please kindly correct me if I made a mistake.
>
>
> Indeed, that function is completely broken but it does not have any
> known client.
Yes, I see, I didn't find a client using this function.
> It seems a leftover of the days when we didn't have anything better to
> nest attributes, so that it's completely useless these days. I have
> fixed in SVN anyway. Patch attached.
thanks for your patch, people will be confused with the original code
>
> --
> "Los honestos son inadaptados sociales" -- Les Luthiers
>
> Index: configure.in
> ===================================================================
> --- configure.in (revisión: 7400)
> +++ configure.in (copia de trabajo)
> @@ -4,7 +4,7 @@
>
> AC_CANONICAL_SYSTEM
>
> -AM_INIT_AUTOMAKE(libnfnetlink, 0.0.33)
> +AM_INIT_AUTOMAKE(libnfnetlink, 0.0.34)
>
> AC_PROG_CC
> AC_EXEEXT
> Index: src/libnfnetlink.c
> ===================================================================
> --- src/libnfnetlink.c (revisión: 7400)
> +++ src/libnfnetlink.c (copia de trabajo)
> @@ -799,16 +799,16 @@
> assert(maxlen > 0);
> assert(type >= 0);
>
> - if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
> + if (NFA_ALIGN(nfa->nfa_len) + len > maxlen) {
> errno = ENOSPC;
> return -1;
> }
>
> - subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
> + subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN(nfa->nfa_len));
> subnfa->nfa_type = type;
> subnfa->nfa_len = len;
> memcpy(NFA_DATA(subnfa), data, alen);
> - nfa->nfa_len = (NLMSG_ALIGN(nfa->nfa_len) + len);
> + nfa->nfa_len = NFA_ALIGN(nfa->nfa_len) + len;
>
> return 0;
> }
>
>
--
Thanks,
Rick
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Something like a bug
2008-04-15 16:00 ` Rick Xu
@ 2008-04-15 17:21 ` Jan Engelhardt
2008-04-16 13:47 ` Pablo Neira Ayuso
0 siblings, 1 reply; 7+ messages in thread
From: Jan Engelhardt @ 2008-04-15 17:21 UTC (permalink / raw)
To: Rick Xu; +Cc: Pablo Neira Ayuso, netfilter-devel
On Tuesday 2008-04-15 18:00, Rick Xu wrote:
>> Index: configure.in
>> ===================================================================
>> --- configure.in (revisión: 7400)
>> +++ configure.in (copia de trabajo)
>> @@ -4,7 +4,7 @@
>>
>> AC_CANONICAL_SYSTEM
>>
>> -AM_INIT_AUTOMAKE(libnfnetlink, 0.0.33)
>> +AM_INIT_AUTOMAKE(libnfnetlink, 0.0.34)
>>
>> AC_PROG_CC
>> AC_EXEEXT
Just btw because I noticed it. AM_INIT_AUTOMAKE usually
takes 0 arguments, as per `info automake`:
The second, deprecated, form of `AM_INIT_AUTOMAKE' has two required
arguments: the package and the version number. This form is
obsolete because the PACKAGE and VERSION can be obtained from
Autoconf's `AC_INIT' macro (which itself has an old and a new
form).
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Something like a bug
2008-04-15 17:21 ` Jan Engelhardt
@ 2008-04-16 13:47 ` Pablo Neira Ayuso
2008-04-16 14:48 ` Jan Engelhardt
2008-04-16 15:00 ` remove deprecated use of AC_INIT_AUTOMAKE [was Re: Something like a bug] Pablo Neira Ayuso
0 siblings, 2 replies; 7+ messages in thread
From: Pablo Neira Ayuso @ 2008-04-16 13:47 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: Rick Xu, netfilter-devel
Jan Engelhardt wrote:
> On Tuesday 2008-04-15 18:00, Rick Xu wrote:
>>> Index: configure.in
>>> ===================================================================
>>> --- configure.in (revisión: 7400)
>>> +++ configure.in (copia de trabajo)
>>> @@ -4,7 +4,7 @@
>>>
>>> AC_CANONICAL_SYSTEM
>>>
>>> -AM_INIT_AUTOMAKE(libnfnetlink, 0.0.33)
>>> +AM_INIT_AUTOMAKE(libnfnetlink, 0.0.34)
>>>
>>> AC_PROG_CC
>>> AC_EXEEXT
>
> Just btw because I noticed it. AM_INIT_AUTOMAKE usually
> takes 0 arguments, as per `info automake`:
>
> The second, deprecated, form of `AM_INIT_AUTOMAKE' has two required
> arguments: the package and the version number. This form is
> obsolete because the PACKAGE and VERSION can be obtained from
> Autoconf's `AC_INIT' macro (which itself has an old and a new
> form).
You seem to be more familiar with autostuff than me. I'd appreciate a
patch for this. Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: Something like a bug
2008-04-16 13:47 ` Pablo Neira Ayuso
@ 2008-04-16 14:48 ` Jan Engelhardt
2008-04-16 15:00 ` remove deprecated use of AC_INIT_AUTOMAKE [was Re: Something like a bug] Pablo Neira Ayuso
1 sibling, 0 replies; 7+ messages in thread
From: Jan Engelhardt @ 2008-04-16 14:48 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Rick Xu, netfilter-devel
On Wednesday 2008-04-16 15:47, Pablo Neira Ayuso wrote:
>
>You seem to be more familiar with autostuff than me. I'd appreciate a
>patch for this. Thanks.
Index: configure.in
===================================================================
--- configure.in (revision 7496)
+++ configure.in (working copy)
@@ -1,10 +1,10 @@
dnl Process this file with autoconf to create configure.
-AC_INIT
+AC_INIT(libnfnetlink, 0.0.34)
AC_CANONICAL_SYSTEM
-AM_INIT_AUTOMAKE(libnfnetlink, 0.0.34)
+AM_INIT_AUTOMAKE
AC_PROG_CC
AC_EXEEXT
^ permalink raw reply [flat|nested] 7+ messages in thread
* remove deprecated use of AC_INIT_AUTOMAKE [was Re: Something like a bug]
2008-04-16 13:47 ` Pablo Neira Ayuso
2008-04-16 14:48 ` Jan Engelhardt
@ 2008-04-16 15:00 ` Pablo Neira Ayuso
1 sibling, 0 replies; 7+ messages in thread
From: Pablo Neira Ayuso @ 2008-04-16 15:00 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: Rick Xu, netfilter-devel
Applied. I'd apply similar patches for other netfilter tools and libraries.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2008-04-16 15:00 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-04-14 7:27 Something like a bug Rick Xu
2008-04-15 15:47 ` Pablo Neira Ayuso
2008-04-15 16:00 ` Rick Xu
2008-04-15 17:21 ` Jan Engelhardt
2008-04-16 13:47 ` Pablo Neira Ayuso
2008-04-16 14:48 ` Jan Engelhardt
2008-04-16 15:00 ` remove deprecated use of AC_INIT_AUTOMAKE [was Re: Something like a bug] Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.