[PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length
@ 2023-11-04 21:00 Maciej Żenczykowski
  2023-11-05  7:08 ` Jan Engelhardt
  0 siblings, 1 reply; 3+ messages in thread
From: Maciej Żenczykowski @ 2023-11-04 21:00 UTC (permalink / raw)
  To: Maciej Żenczykowski, David S . Miller, Pablo Neira Ayuso,
	Florian Westphal
  Cc: Linux Network Development Mailing List,
	Netfilter Development Mailing List, Jan Engelhardt,
	Patrick McHardy

From: Maciej Żenczykowski <zenczykowski@gmail.com>

IPv4 in IPv6 is supported by in6_pton
(this is useful with DNS64/NAT64 networks for example):

  # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:1.2.3.4 > /proc/self/net/xt_recent/DEFAULT
  # cat /proc/self/net/xt_recent/DEFAULT
  src=aaaa:bbbb:cccc:dddd:eeee:ffff:0102:0304 ttl: 0 last_seen: 9733848829 oldest_pkt: 1 9733848829

but the provided buffer is too short:

  # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:255.255.255.255 > /proc/self/net/xt_recent/DEFAULT
  -bash: echo: write error: Invalid argument

Cc: Jan Engelhardt <jengelh@medozas.de>
Cc: Patrick McHardy <kaber@trash.net>
Fixes: 079aa88fe717 ("netfilter: xt_recent: IPv6 support")
Signed-off-by: Maciej Żenczykowski <zenczykowski@gmail.com>
---
 net/netfilter/xt_recent.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 7ddb9a78e3fc..ef93e0d3bee0 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -561,7 +561,7 @@ recent_mt_proc_write(struct file *file, const char __user *input,
 {
 	struct recent_table *t = pde_data(file_inode(file));
 	struct recent_entry *e;
-	char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:5afe:c0de")];
+	char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:255.255.255.255")];
 	const char *c = buf;
 	union nf_inet_addr addr = {};
 	u_int16_t family;
-- 
2.42.0.869.gea05f2083d-goog


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length
  2023-11-04 21:00 [PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length Maciej Żenczykowski
@ 2023-11-05  7:08 ` Jan Engelhardt
  2023-11-05 19:59   ` Maciej Żenczykowski
  0 siblings, 1 reply; 3+ messages in thread
From: Jan Engelhardt @ 2023-11-05  7:08 UTC (permalink / raw)
  To: Maciej Żenczykowski
  Cc: Maciej Żenczykowski, David S . Miller, Pablo Neira Ayuso,
	Florian Westphal, Linux Network Development Mailing List,
	Netfilter Development Mailing List, Patrick McHardy


On Saturday 2023-11-04 22:00, Maciej Żenczykowski wrote:
>
>IPv4 in IPv6 is supported by in6_pton [...]
>but the provided buffer is too short:

If in6_pton were to support tunnel traffic.. wait that sounds
unusual, and would require dst to be at least 20 bytes, which the 
function documentation contradicts.

As the RFCs make no precise name proposition

	(IPv6 Text Representation, third alternative,
	IPv4 "decimal value" of the "four low-order 8-bit pieces")

so let's just call it

	"low-32-bit dot-decimal representation"

which should avoid the tunnel term.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length
  2023-11-05  7:08 ` Jan Engelhardt
@ 2023-11-05 19:59   ` Maciej Żenczykowski
  0 siblings, 0 replies; 3+ messages in thread
From: Maciej Żenczykowski @ 2023-11-05 19:59 UTC (permalink / raw)
  To: Jan Engelhardt
  Cc: David S . Miller, Pablo Neira Ayuso, Florian Westphal,
	Linux Network Development Mailing List,
	Netfilter Development Mailing List, Patrick McHardy

On Sun, Nov 5, 2023 at 12:08 AM Jan Engelhardt <jengelh@inai.de> wrote:
>
>
> On Saturday 2023-11-04 22:00, Maciej Żenczykowski wrote:
> >
> >IPv4 in IPv6 is supported by in6_pton [...]
> >but the provided buffer is too short:
>
> If in6_pton were to support tunnel traffic.. wait that sounds
> unusual, and would require dst to be at least 20 bytes, which the
> function documentation contradicts.
>
> As the RFCs make no precise name proposition
>
>         (IPv6 Text Representation, third alternative,
>         IPv4 "decimal value" of the "four low-order 8-bit pieces")
>
> so let's just call it
>
>         "low-32-bit dot-decimal representation"
>
> which should avoid the tunnel term.

Resent [ https://patchwork.kernel.org/project/netdevbpf/patch/20231105195600.522779-1-maze@google.com/
], hopefully this is better.
Also:
- used your (Jan's) new email in the CC.
- changed net to netfilter in the commit title
(but as it is such a trivial bug fix, it does still feel like it
should go straight into net/main... rather than via netfilter repos)

Cheers,
Maciej

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-11-05 19:59 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-04 21:00 [PATCH net] net: xt_recent: fix (increase) ipv6 literal buffer length Maciej Żenczykowski
2023-11-05  7:08 ` Jan Engelhardt
2023-11-05 19:59   ` Maciej Żenczykowski

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).