[Bug 420] New: Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [Bug 420] New: Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
@ 2003-02-28 17:37 Martin J. Bligh
  0 siblings, 0 replies; 5+ messages in thread
From: Martin J. Bligh @ 2003-02-28 17:37 UTC (permalink / raw)
  To: linux-kernel

http://bugme.osdl.org/show_bug.cgi?id=420

           Summary: Divide by zero
                    (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
    Kernel Version: 2.4.20, 2.5.63
            Status: NEW
          Severity: normal
             Owner: davem@vger.kernel.org
         Submitter: usui_mi@ybb.ne.jp

Distribution:Debian GNU/Linux 3.0, Vine Linux 2.6
Hardware Environment:
Software Environment:
Problem Description:
  Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
Steps to reproduce:
  I found the problem of neigh_rand_reach_time() in net/core/neighbour.c.
  This function called by neigh_periodic_timer() each 300 seconds, 
  and argument of neigh_periodic_timer() is p->base_reachable_time.
  base_reachable_time can set to 0 by below sequence.

    echo 0 > /proc/sys/net/ipv4/neigh/DEV/base_reachable_time

  But neigh_rand_reach_time() divide by its argument.

    unsigned long neigh_rand_reach_time(unsigned long base)
    {
	return (net_random() % base) + (base>>1);
    }

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Bug 420] New: Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
       [not found] <27440000.1046453828@[10.10.2.4].suse.lists.linux.kernel>
@ 2003-02-28 18:31 ` Andi Kleen
  2003-02-28 22:23   ` Abramo Bagnara
  0 siblings, 1 reply; 5+ messages in thread
From: Andi Kleen @ 2003-02-28 18:31 UTC (permalink / raw)
  To: Martin J. Bligh; +Cc: linux-kernel

"Martin J. Bligh" <mbligh@aracnet.com> writes:
> 
>     echo 0 > /proc/sys/net/ipv4/neigh/DEV/base_reachable_time
> 
>   But neigh_rand_reach_time() divide by its argument.
> 
>     unsigned long neigh_rand_reach_time(unsigned long base)
>     {
> 	return (net_random() % base) + (base>>1);
>     }

Don't do that then. The sysctl is root-only. There are lots of ways to
break the system by writing bogus values into root only configuration
options. That is why they are root only

I would close the report as WONTFIX.

-Andi

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Bug 420] New: Divide by zero  (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
  2003-02-28 18:31 ` [Bug 420] New: Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time) Andi Kleen
@ 2003-02-28 22:23   ` Abramo Bagnara
  2003-02-28 22:26     ` Randy.Dunlap
  0 siblings, 1 reply; 5+ messages in thread
From: Abramo Bagnara @ 2003-02-28 22:23 UTC (permalink / raw)
  To: Andi Kleen; +Cc: Martin J. Bligh, linux-kernel

Andi Kleen wrote:
> 
> "Martin J. Bligh" <mbligh@aracnet.com> writes:
> >
> >     echo 0 > /proc/sys/net/ipv4/neigh/DEV/base_reachable_time
> >
> >   But neigh_rand_reach_time() divide by its argument.
> >
> >     unsigned long neigh_rand_reach_time(unsigned long base)
> >     {
> >       return (net_random() % base) + (base>>1);
> >     }
> 
> Don't do that then. The sysctl is root-only. There are lots of ways to
> break the system by writing bogus values into root only configuration
> options. That is why they are root only
> 
> I would close the report as WONTFIX.

Don't this argument bring to the weird equality:

root user == infallible guy

IMHO the "if you make a typo you crash the machine" should be avoided
(at least when feasible without drawbacks).

-- 
Abramo Bagnara                       mailto:abramo.bagnara@libero.it

Opera Unica                          Phone: +39.546.656023
Via Emilia Interna, 140
48014 Castel Bolognese (RA) - Italy

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Bug 420] New: Divide by zero  (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
  2003-02-28 22:23   ` Abramo Bagnara
@ 2003-02-28 22:26     ` Randy.Dunlap
  2003-02-28 22:37       ` Robert Love
  0 siblings, 1 reply; 5+ messages in thread
From: Randy.Dunlap @ 2003-02-28 22:26 UTC (permalink / raw)
  To: Abramo Bagnara; +Cc: ak, mbligh, linux-kernel

On Fri, 28 Feb 2003 23:23:33 +0100
Abramo Bagnara <abramo.bagnara@libero.it> wrote:

| Andi Kleen wrote:
| > 
| > "Martin J. Bligh" <mbligh@aracnet.com> writes:
| > >
| > >     echo 0 > /proc/sys/net/ipv4/neigh/DEV/base_reachable_time
| > >
| > >   But neigh_rand_reach_time() divide by its argument.
| > >
| > >     unsigned long neigh_rand_reach_time(unsigned long base)
| > >     {
| > >       return (net_random() % base) + (base>>1);
| > >     }
| > 
| > Don't do that then. The sysctl is root-only. There are lots of ways to
| > break the system by writing bogus values into root only configuration
| > options. That is why they are root only
| > 
| > I would close the report as WONTFIX.
| 
| Don't this argument bring to the weird equality:
| 
| root user == infallible guy
| 
| IMHO the "if you make a typo you crash the machine" should be avoided
| (at least when feasible without drawbacks).

I agree with that.
It's worth making a patch and letting the maintainer reject it.

Of course, there are still plenty of other ways to write to /proc and kill
the system.

--
~Randy

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Bug 420] New: Divide by zero  (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time)
  2003-02-28 22:26     ` Randy.Dunlap
@ 2003-02-28 22:37       ` Robert Love
  0 siblings, 0 replies; 5+ messages in thread
From: Robert Love @ 2003-02-28 22:37 UTC (permalink / raw)
  To: Randy.Dunlap; +Cc: Abramo Bagnara, ak, mbligh, linux-kernel

On Fri, 2003-02-28 at 17:26, Randy.Dunlap wrote:

> I agree with that.

I agree with that, too.

It is easy, too, because the sysctl mechanism has a built-in bounds
checking function.

For the seventh parameter (the parsing mechanism) you can specify
something like proc_dointvec_minmax and then the last parameters can be
&one and NULL.  This forces the minimum value to be one.

So its trivial and built-in.  While root should be able to wreck the
system, he should at least have a chance in hell of knowing he is doing
so.  Zero may seem to be a legitimate value here...

	Robert Love

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2003-02-28 22:27 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <27440000.1046453828@[10.10.2.4].suse.lists.linux.kernel>
2003-02-28 18:31 ` [Bug 420] New: Divide by zero (/proc/sys/net/ipv4/neigh/DEV/base_reachable_time) Andi Kleen
2003-02-28 22:23   ` Abramo Bagnara
2003-02-28 22:26     ` Randy.Dunlap
2003-02-28 22:37       ` Robert Love
2003-02-28 17:37 Martin J. Bligh

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox