Re: conntrack-tools bugs

All of lore.kernel.org
 help / color / mirror / Atom feed

* Re: conntrack-tools bugs
       [not found] ` <20150527180914.GA3685@salvia>
@ 2015-05-28 15:41   ` Paul Aitken
  0 siblings, 0 replies; only message in thread
From: Paul Aitken @ 2015-05-28 15:41 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Pablo Neira Ayuso

[-- Attachment #1: Type: text/plain, Size: 505 bytes --]

Please see the attached patches.

Thanks,
P.


On 27/05/15 19:09, Pablo Neira Ayuso wrote:
> On Wed, May 27, 2015 at 03:56:18PM +0100, Paul Aitken wrote:
>> Pablo, I found a couple of bugs in conntrack-tools.
>>
>> I could clone the git repo and fix them or submit a patch. What's
>> the right process?
> Please, send patches to netfilter-devel@vger.kernel.org
>
> I need that they apply through git am, ie. you have to generate it
> with git format-patch.
>
> Include a title and a description. Thanks.


[-- Attachment #2: 0001-Fix-two-issues-with-memset.patch --]
[-- Type: text/x-patch, Size: 1478 bytes --]

>From af1d3f66cf4fac3d2d5454dd11263c6f89d655c5 Mon Sep 17 00:00:00 2001
From: Paul Aitken <paitken@brocade.com>
Date: Thu, 28 May 2015 16:25:20 +0100
Subject: [PATCH 1/3] Fix two issues with memset

[src/expect.c:57]: (warning) The 2nd memset() argument '4294967295'
doesn't fit into an 'unsigned char'.
[src/expect.c:132]: (warning) The 2nd memset() argument '4294967295'
doesn't fit into an 'unsigned char'.

memset fills bytes, not ulongs - so the second parameter
(the fill value) has to be a byte.

Additionally, the second memset wasn't using the loop value
as an array offset.
---
 src/expect.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/expect.c b/src/expect.c
index bba0ed7..78c92b5 100644
--- a/src/expect.c
+++ b/src/expect.c
@@ -54,7 +54,7 @@ cthelper_expect_init(struct nf_expect *exp, struct nf_conntrack *master,
 			nfct_set_attr(expected, ATTR_IPV6_SRC, saddr->ip6);
 
 			for (i=0; i<4; i++)
-				memset(&addr[i], 0xffffffff, sizeof(uint32_t));
+				memset(&addr[i], 0xff, sizeof(uint32_t));
 
 			nfct_set_attr_u8(mask, ATTR_L3PROTO, AF_INET6);
 			nfct_set_attr(mask, ATTR_IPV6_SRC, addr);
@@ -129,7 +129,7 @@ cthelper_expect_init(struct nf_expect *exp, struct nf_conntrack *master,
 		nfct_set_attr(expected, ATTR_IPV6_DST, daddr->ip6);
 
 		for (i=0; i<4; i++)
-			memset(addr, 0xffffffff, sizeof(uint32_t));
+			memset(&addr[i], 0xff, sizeof(uint32_t));
 
 		nfct_set_attr(mask, ATTR_IPV6_DST, addr);
 		break;
-- 
1.9.1


[-- Attachment #3: 0002-Optimise-nfq_queue_cb.patch --]
[-- Type: text/x-patch, Size: 987 bytes --]

>From 395c8b6ce66dfaca6d3d85611a174ad2b026a241 Mon Sep 17 00:00:00 2001
From: Paul Aitken <paitken@brocade.com>
Date: Thu, 28 May 2015 16:34:33 +0100
Subject: [PATCH 2/3] Optimise nfq_queue_cb

ct and myct have both already been checked for non-NULL,
so there's no need to check either of them again here.
---
 src/cthelper.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/cthelper.c b/src/cthelper.c
index 15d5126..6537515 100644
--- a/src/cthelper.c
+++ b/src/cthelper.c
@@ -325,14 +325,12 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
 	if (pkt_verdict_issue(helper, myct, queue_num, id, verdict, pktb) < 0)
 		goto err_pktb;
 
-	if (ct != NULL)
-		nfct_destroy(ct);
+	nfct_destroy(ct);
 	if (myct->exp != NULL)
 		nfexp_destroy(myct->exp);
-	if (myct && myct->priv_data != NULL)
+	if (myct->priv_data != NULL)
 		free(myct->priv_data);
-	if (myct != NULL)
-		free(myct);
+	free(myct);
 
 	return MNL_CB_OK;
 err_pktb:
-- 
1.9.1


[-- Attachment #4: 0003-remove-unused-numbytes.patch --]
[-- Type: text/x-patch, Size: 792 bytes --]

>From d81010b4b9a7601b9503aee09bc5e2b280b8e097 Mon Sep 17 00:00:00 2001
From: Paul Aitken <paitken@brocade.com>
Date: Thu, 28 May 2015 16:35:19 +0100
Subject: [PATCH 3/3] remove unused 'numbytes'

'numbytes' isn't used and can be removed.
---
 src/local.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/local.c b/src/local.c
index feff608..453799a 100644
--- a/src/local.c
+++ b/src/local.c
@@ -117,11 +117,10 @@ void local_client_destroy(int fd)
 
 int do_local_client_step(int fd, void (*process)(char *buf))
 {
-	int numbytes;
 	char buf[1024];
 
 	memset(buf, 0, sizeof(buf));
-	while ((numbytes = recv(fd, buf, sizeof(buf)-1, 0)) > 0) {
+	while (recv(fd, buf, sizeof(buf)-1, 0) > 0) {
 		buf[sizeof(buf)-1] = '\0';
 		if (process)
 			process(buf);
-- 
1.9.1


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2015-05-28 15:44 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <5565DB12.6030808@brocade.com>
     [not found] ` <20150527180914.GA3685@salvia>
2015-05-28 15:41   ` conntrack-tools bugs Paul Aitken

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.