[PATCH nft,v2] gmputil: assert length is non-zero

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: fw@strlen.de
Subject: [PATCH nft,v2] gmputil: assert length is non-zero
Date: Wed, 14 Aug 2019 10:34:42 +0200	[thread overview]
Message-ID: <20190814083442.24470-1-pablo@netfilter.org> (raw)

Importing, exporting and byteswapping zero length data should not
happen.

Add inline functions so we know from where the assertion is triggered in
the code for easier diagnosing in the future.

When importing datatype.h from gmputil.h, it seems gcc complains on
missing declarations in json.h.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: use inline for easier diagnosing.

 include/gmputil.h | 38 +++++++++++++++++++++++++++++++-------
 include/json.h    |  4 ++++
 src/gmputil.c     | 16 +++++++---------
 3 files changed, 42 insertions(+), 16 deletions(-)

diff --git a/include/gmputil.h b/include/gmputil.h
index ad63d67b4e05..38aa0e0dc11a 100644
--- a/include/gmputil.h
+++ b/include/gmputil.h
@@ -52,12 +52,36 @@ extern uint32_t mpz_get_be32(const mpz_t op);
 extern uint16_t mpz_get_be16(const mpz_t op);
 
 enum byteorder;
-extern void *mpz_export_data(void *data, const mpz_t op,
-			     enum byteorder byteorder,
-			     unsigned int len);
-extern void mpz_import_data(mpz_t rop, const void *data,
-			    enum byteorder byteorder,
-			    unsigned int len);
-extern void mpz_switch_byteorder(mpz_t rop, unsigned int len);
+extern void *__mpz_export_data(void *data, const mpz_t op,
+			       enum byteorder byteorder, unsigned int len);
+extern void __mpz_import_data(mpz_t rop, const void *data,
+			      enum byteorder byteorder, unsigned int len);
+extern void __mpz_switch_byteorder(mpz_t rop, unsigned int len);
+
+#include <assert.h>
+#include <datatype.h>
+
+static inline void *mpz_export_data(void *data, const mpz_t op,
+				    enum byteorder byteorder, unsigned int len)
+{
+	assert(len > 0);
+
+	return __mpz_export_data(data, op, byteorder, len);
+}
+
+static inline void mpz_import_data(mpz_t rop, const void *data,
+				   enum byteorder byteorder, unsigned int len)
+{
+	assert(len > 0);
+
+	__mpz_import_data(rop, data, byteorder, len);
+}
+
+static inline void mpz_switch_byteorder(mpz_t rop, unsigned int len)
+{
+	assert(len > 0);
+
+	__mpz_switch_byteorder(rop, len);
+}
 
 #endif /* NFTABLES_GMPUTIL_H */
diff --git a/include/json.h b/include/json.h
index 7f2df7c8220f..20d6c2a4a8e7 100644
--- a/include/json.h
+++ b/include/json.h
@@ -15,6 +15,10 @@ struct stmt;
 struct symbol_table;
 struct table;
 struct netlink_mon_handler;
+struct nft_ctx;
+struct location;
+struct output_ctx;
+struct list_head;
 
 #ifdef HAVE_LIBJANSSON
 
diff --git a/src/gmputil.c b/src/gmputil.c
index a25f42ee2b64..b356460fa739 100644
--- a/src/gmputil.c
+++ b/src/gmputil.c
@@ -87,9 +87,8 @@ uint16_t mpz_get_be16(const mpz_t op)
 	return mpz_get_type(uint16_t, MPZ_BIG_ENDIAN, op);
 }
 
-void *mpz_export_data(void *data, const mpz_t op,
-		      enum byteorder byteorder,
-		      unsigned int len)
+void *__mpz_export_data(void *data, const mpz_t op, enum byteorder byteorder,
+			unsigned int len)
 {
 	enum mpz_word_order order;
 	enum mpz_byte_order endian;
@@ -111,9 +110,8 @@ void *mpz_export_data(void *data, const mpz_t op,
 	return data;
 }
 
-void mpz_import_data(mpz_t rop, const void *data,
-		     enum byteorder byteorder,
-		     unsigned int len)
+void __mpz_import_data(mpz_t rop, const void *data, enum byteorder byteorder,
+		       unsigned int len)
 {
 	enum mpz_word_order order;
 	enum mpz_byte_order endian;
@@ -133,12 +131,12 @@ void mpz_import_data(mpz_t rop, const void *data,
 	mpz_import(rop, len, order, 1, endian, 0, data);
 }
 
-void mpz_switch_byteorder(mpz_t rop, unsigned int len)
+void __mpz_switch_byteorder(mpz_t rop, unsigned int len)
 {
 	char data[len];
 
-	mpz_export_data(data, rop, BYTEORDER_BIG_ENDIAN, len);
-	mpz_import_data(rop, data, BYTEORDER_HOST_ENDIAN, len);
+	__mpz_export_data(data, rop, BYTEORDER_BIG_ENDIAN, len);
+	__mpz_import_data(rop, data, BYTEORDER_HOST_ENDIAN, len);
 }
 
 #ifndef HAVE_LIBGMP
-- 
2.11.0

                 reply	other threads:[~2019-08-14  8:34 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ad63d67b4e0 dfblob:38aa0e0dc11 dfblob:7f2df7c8220
dfblob:20d6c2a4a8e dfblob:a25f42ee2b6 dfblob:b356460fa73 )
 OR (
bs:"[PATCH nft,v2] gmputil: assert length is non-zero" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190814083442.24470-1-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=fw@strlen.de \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).