From: Dan Carpenter <dan.carpenter@oracle.com>
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields
Date: Tue, 6 Dec 2016 14:57:34 +0300 [thread overview]
Message-ID: <20161206115734.GA30548@elgon.mountain> (raw)
Hello Pablo Neira Ayuso,
The patch 556c291b3a1b: "netfilter: nft_payload: layer 4 checksum
adjustment for pseudoheader fields" from Nov 24, 2016, leads to the
following static checker warning:
net/netfilter/nft_payload.c:301 nft_payload_set_eval()
error: uninitialized symbol 'fsum'.
net/netfilter/nft_payload.c
253 static void nft_payload_set_eval(const struct nft_expr *expr,
254 struct nft_regs *regs,
255 const struct nft_pktinfo *pkt)
256 {
257 const struct nft_payload_set *priv = nft_expr_priv(expr);
258 struct sk_buff *skb = pkt->skb;
259 const u32 *src = ®s->data[priv->sreg];
260 int offset, csum_offset;
261 __wsum fsum, tsum;
262 __sum16 sum;
263
264 switch (priv->base) {
265 case NFT_PAYLOAD_LL_HEADER:
266 if (!skb_mac_header_was_set(skb))
267 goto err;
268 offset = skb_mac_header(skb) - skb->data;
269 break;
270 case NFT_PAYLOAD_NETWORK_HEADER:
271 offset = skb_network_offset(skb);
272 break;
273 case NFT_PAYLOAD_TRANSPORT_HEADER:
274 if (!pkt->tprot_set)
275 goto err;
276 offset = pkt->xt.thoff;
277 break;
278 default:
279 BUG();
280 }
281
282 csum_offset = offset + priv->csum_offset;
283 offset += priv->offset;
284
285 if (priv->csum_type == NFT_PAYLOAD_CSUM_INET &&
286 (priv->base != NFT_PAYLOAD_TRANSPORT_HEADER ||
287 skb->ip_summed != CHECKSUM_PARTIAL)) {
288 if (skb_copy_bits(skb, csum_offset, &sum, sizeof(sum)) < 0)
289 goto err;
290
291 fsum = skb_checksum(skb, offset, priv->len, 0);
fsum is only set inside this if statement.
292 tsum = csum_partial(src, priv->len, 0);
293 nft_csum_replace(&sum, fsum, tsum);
294
295 if (!skb_make_writable(skb, csum_offset + sizeof(sum)) ||
296 skb_store_bits(skb, csum_offset, &sum, sizeof(sum)) < 0)
297 goto err;
298 }
299
300 if (priv->csum_flags &&
301 nft_payload_l4csum_update(pkt, skb, fsum, tsum) < 0)
but we use it here. I don't know for sure this is a bug...
302 goto err;
303
304 if (!skb_make_writable(skb, max(offset + priv->len, 0)) ||
305 skb_store_bits(skb, offset, src, priv->len) < 0)
306 goto err;
307
308 return;
309 err:
310 regs->verdict.code = NFT_BREAK;
311 }
regards,
dan carpenter
next reply other threads:[~2016-12-06 12:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-06 11:57 Dan Carpenter [this message]
2016-12-06 12:16 ` [bug report] netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields Pablo Neira Ayuso
2016-12-06 12:24 ` Dan Carpenter
2016-12-06 12:32 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161206115734.GA30548@elgon.mountain \
--to=dan.carpenter@oracle.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).