* [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
@ 2023-06-23 11:23 Gavrilov Ilia
2023-06-23 12:54 ` Florian Westphal
2023-06-26 15:19 ` Pablo Neira Ayuso
0 siblings, 2 replies; 3+ messages in thread
From: Gavrilov Ilia @ 2023-06-23 11:23 UTC (permalink / raw)
To: Pablo Neira Ayuso
Cc: Gavrilov Ilia, Jozsef Kadlecsik, Florian Westphal,
David S. Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
Patrick McHardy, netfilter-devel@vger.kernel.org,
coreteam@netfilter.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org,
Simon Horman
From: "Ilia.Gavrilov" <Ilia.Gavrilov@infotecs.ru>
ct_sip_parse_numerical_param() returns only 0 or 1 now.
But process_register_request() and process_register_response() imply
checking for a negative value if parsing of a numerical header parameter
failed.
The invocation in nf_nat_sip() looks correct:
if (ct_sip_parse_numerical_param(...) > 0 &&
...) { ... }
Make the return value of the function ct_sip_parse_numerical_param()
a tristate to fix all the cases
a) return 1 if value is found; *val is set
b) return 0 if value is not found; *val is unchanged
c) return -1 on error; *val is undefined
Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.
Fixes: 0f32a40fc91a ("[NETFILTER]: nf_conntrack_sip: create signalling expectations")
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Ilia.Gavrilov <Ilia.Gavrilov@infotecs.ru>
---
- Fix description
- Repost according
https://lore.kernel.org/all/20230622144325.GC29784@breakpoint.cc/
net/netfilter/nf_conntrack_sip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c
index 77f5e82d8e3f..d0eac27f6ba0 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -611,7 +611,7 @@ int ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
start += strlen(name);
*val = simple_strtoul(start, &end, 0);
if (start == end)
- return 0;
+ return -1;
if (matchoff && matchlen) {
*matchoff = start - dptr;
*matchlen = end - start;
--
2.39.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
2023-06-23 11:23 [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value Gavrilov Ilia
@ 2023-06-23 12:54 ` Florian Westphal
2023-06-26 15:19 ` Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Florian Westphal @ 2023-06-23 12:54 UTC (permalink / raw)
To: Gavrilov Ilia
Cc: netfilter-devel@vger.kernel.org, lvc-project@linuxtesting.org
Gavrilov Ilia <Ilia.Gavrilov@infotecs.ru> wrote:
> From: "Ilia.Gavrilov" <Ilia.Gavrilov@infotecs.ru>
>
> ct_sip_parse_numerical_param() returns only 0 or 1 now.
> But process_register_request() and process_register_response() imply
> checking for a negative value if parsing of a numerical header parameter
> failed.
> The invocation in nf_nat_sip() looks correct:
> if (ct_sip_parse_numerical_param(...) > 0 &&
> ...) { ... }
>
> Make the return value of the function ct_sip_parse_numerical_param()
> a tristate to fix all the cases
> a) return 1 if value is found; *val is set
> b) return 0 if value is not found; *val is unchanged
> c) return -1 on error; *val is undefined
>
> Found by InfoTeCS on behalf of Linux Verification Center
> (linuxtesting.org) with SVACE.
>
> Fixes: 0f32a40fc91a ("[NETFILTER]: nf_conntrack_sip: create signalling expectations")
> Reviewed-by: Simon Horman <simon.horman@corigine.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
2023-06-23 11:23 [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value Gavrilov Ilia
2023-06-23 12:54 ` Florian Westphal
@ 2023-06-26 15:19 ` Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2023-06-26 15:19 UTC (permalink / raw)
To: Gavrilov Ilia
Cc: Jozsef Kadlecsik, Florian Westphal, David S. Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, Patrick McHardy,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
lvc-project@linuxtesting.org, Simon Horman
On Fri, Jun 23, 2023 at 11:23:46AM +0000, Gavrilov Ilia wrote:
> From: "Ilia.Gavrilov" <Ilia.Gavrilov@infotecs.ru>
>
> ct_sip_parse_numerical_param() returns only 0 or 1 now.
> But process_register_request() and process_register_response() imply
> checking for a negative value if parsing of a numerical header parameter
> failed.
> The invocation in nf_nat_sip() looks correct:
> if (ct_sip_parse_numerical_param(...) > 0 &&
> ...) { ... }
>
> Make the return value of the function ct_sip_parse_numerical_param()
> a tristate to fix all the cases
> a) return 1 if value is found; *val is set
> b) return 0 if value is not found; *val is unchanged
> c) return -1 on error; *val is undefined
Applied to nf.git
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-06-26 15:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-23 11:23 [PATCH net] netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value Gavrilov Ilia
2023-06-23 12:54 ` Florian Westphal
2023-06-26 15:19 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).