[PATCH iproute2] arpd: drop unnecessary explicit null termination

[PATCH iproute2] arpd: drop unnecessary explicit null termination

[Andreas Henriksson]

This is a followup to a previous commit 61170fd88d264c
"get rid of unnecessary fgets() buffer size limitation".

If fgets guarantees buffer will be null terminated in the
given size, then we can also drop the explicit termination.

While at it, also add an unrelated FIXME comment about
potential unlikely long comment handling bug spotted in
nearby code.

Signed-off-by: Andreas Henriksson <andreas@fatal.se>
---
 misc/arpd.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/misc/arpd.c b/misc/arpd.c
index 6bb9bd1..3be700d 100644
--- a/misc/arpd.c
+++ b/misc/arpd.c
@@ -702,12 +702,16 @@ int main(int argc, char **argv)
 			goto do_abort;
 		}
 
-		buf[sizeof(buf)-1] = 0;
 		while (fgets(buf, sizeof(buf), fp)) {
 			__u8 b1[6];
 			char ipbuf[128];
 			char macbuf[128];
 
+			/* FIXME: this does not properly handle the case where
+			 * the comment line is longer than sizeof(buf).
+			 * Should check if buf contains '\n' or skip upcoming
+			 * bufs until '\n' is found.
+			 */
 			if (buf[0] == '#')
 				continue;
 
-- 
2.1.4

Re: [PATCH iproute2] arpd: drop unnecessary explicit null termination

[Stephen Hemminger]

On Sun,  3 Jan 2016 17:09:44 +0100
Andreas Henriksson <andreas@fatal.se> wrote:

> This is a followup to a previous commit 61170fd88d264c
> "get rid of unnecessary fgets() buffer size limitation".
> 
> If fgets guarantees buffer will be null terminated in the
> given size, then we can also drop the explicit termination.
> 
> While at it, also add an unrelated FIXME comment about
> potential unlikely long comment handling bug spotted in
> nearby code.
> 
> Signed-off-by: Andreas Henriksson <andreas@fatal.se>
> ---
>  misc/arpd.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/misc/arpd.c b/misc/arpd.c
> index 6bb9bd1..3be700d 100644
> --- a/misc/arpd.c
> +++ b/misc/arpd.c
> @@ -702,12 +702,16 @@ int main(int argc, char **argv)
>  			goto do_abort;
>  		}
>  
> -		buf[sizeof(buf)-1] = 0;
>  		while (fgets(buf, sizeof(buf), fp)) {
>  			__u8 b1[6];
>  			char ipbuf[128];
>  			char macbuf[128];
>  
> +			/* FIXME: this does not properly handle the case where
> +			 * the comment line is longer than sizeof(buf).
> +			 * Should check if buf contains '\n' or skip upcoming
> +			 * bufs until '\n' is found.
> +			 */
>  			if (buf[0] == '#')
>  				continue;
>  

Rather than adding a big FIXME, please fix the problem.

Easiest fix would be just increase sizeof(buf) to BUFSIZ (4k) which
should fix any rational use of the file.

Other alternatives would be to use fscanf or getline.

[PATCH iproute2 v2 1/2] arpd: drop unnecessary explicit null termination

[Andreas Henriksson]

This is a followup to a previous commit 61170fd88d264c
"get rid of unnecessary fgets() buffer size limitation".

If fgets guarantees buffer will be null terminated in the
given size, then we can also drop the explicit termination.

Signed-off-by: Andreas Henriksson <andreas@fatal.se>
---
 misc/arpd.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/misc/arpd.c b/misc/arpd.c
index 6bb9bd1..700dc50 100644
--- a/misc/arpd.c
+++ b/misc/arpd.c
@@ -702,7 +702,6 @@ int main(int argc, char **argv)
 			goto do_abort;
 		}
 
-		buf[sizeof(buf)-1] = 0;
 		while (fgets(buf, sizeof(buf), fp)) {
 			__u8 b1[6];
 			char ipbuf[128];
-- 
2.1.4

[PATCH iproute2 v2 2/2] arpd: fix parsing of unlikely long comments

[Andreas Henriksson]

In case the commented out line was longer than the buffer size,
the remaining part was previously not properly skipped.

With this fix we should now continue ignoring lines starting with #
until we find a newline character.

Signed-off-by: Andreas Henriksson <andreas@fatal.se>
---
 misc/arpd.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/misc/arpd.c b/misc/arpd.c
index 700dc50..a4f0f0d 100644
--- a/misc/arpd.c
+++ b/misc/arpd.c
@@ -691,6 +691,7 @@ int main(int argc, char **argv)
 		FILE *fp;
 		struct dbkey k;
 		DBT dbkey, dbdat;
+		int skip_until_eol = 0;
 
 		dbkey.data = &k;
 		dbkey.size = sizeof(k);
@@ -707,8 +708,19 @@ int main(int argc, char **argv)
 			char ipbuf[128];
 			char macbuf[128];
 
-			if (buf[0] == '#')
+			/* skip remaining part of commented outline. */
+			if (skip_until_eol) {
+				if (strrchr(buf, '\n') != NULL)
+					skip_until_eol = 0;
 				continue;
+			}
+
+			/* skip (beginning of) commented out line. */
+			if (buf[0] == '#') {
+				if (strrchr(buf, '\n') == NULL)
+					skip_until_eol = 1;
+				continue;
+			}
 
 			if (sscanf(buf, "%u%s%s", &k.iface, ipbuf, macbuf) != 3) {
 				fprintf(stderr, "Wrong format of input file \"%s\"\n", do_load);
-- 
2.1.4

Re: [PATCH iproute2 v2 2/2] arpd: fix parsing of unlikely long comments

[Andreas Henriksson]

Hello Stephen Hemminger.

Please beware that this has been compile-tested only.
Submitting it like this was what I was trying to avoid
by just throwing in a FIXME comment in the initial submission.
Sorry in advance if I managed to screw something up, but
hopefully I didn't...

Regards,
Andreas Henriksson

On Sun, Jan 03, 2016 at 07:39:33PM +0100, Andreas Henriksson wrote:
> In case the commented out line was longer than the buffer size,
> the remaining part was previously not properly skipped.
> 
> With this fix we should now continue ignoring lines starting with #
> until we find a newline character.
> 
> Signed-off-by: Andreas Henriksson <andreas@fatal.se>
> ---
>  misc/arpd.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/misc/arpd.c b/misc/arpd.c
> index 700dc50..a4f0f0d 100644
> --- a/misc/arpd.c
> +++ b/misc/arpd.c
> @@ -691,6 +691,7 @@ int main(int argc, char **argv)
>  		FILE *fp;
>  		struct dbkey k;
>  		DBT dbkey, dbdat;
> +		int skip_until_eol = 0;
>  
>  		dbkey.data = &k;
>  		dbkey.size = sizeof(k);
> @@ -707,8 +708,19 @@ int main(int argc, char **argv)
>  			char ipbuf[128];
>  			char macbuf[128];
>  
> -			if (buf[0] == '#')
> +			/* skip remaining part of commented outline. */
> +			if (skip_until_eol) {
> +				if (strrchr(buf, '\n') != NULL)
> +					skip_until_eol = 0;
>  				continue;
> +			}
> +
> +			/* skip (beginning of) commented out line. */
> +			if (buf[0] == '#') {
> +				if (strrchr(buf, '\n') == NULL)
> +					skip_until_eol = 1;
> +				continue;
> +			}
>  
>  			if (sscanf(buf, "%u%s%s", &k.iface, ipbuf, macbuf) != 3) {
>  				fprintf(stderr, "Wrong format of input file \"%s\"\n", do_load);
> -- 
> 2.1.4
> 

Re: [PATCH iproute2 v2 2/2] arpd: fix parsing of unlikely long comments

[Stephen Hemminger]

On Sun, 3 Jan 2016 19:44:29 +0100
Andreas Henriksson <andreas@fatal.se> wrote:

> Hello Stephen Hemminger.
> 
> Please beware that this has been compile-tested only.
> Submitting it like this was what I was trying to avoid
> by just throwing in a FIXME comment in the initial submission.
> Sorry in advance if I managed to screw something up, but
> hopefully I didn't...
> 
> Regards,
> Andreas Henriksson
> 

All this seems like overkill. The file format for arpd is very simple:
ifindex, IPv4, MAC
and really should never be too long. If it is the input is garbage and the
whole input should just be rejected, logged, and arpd should exit.