From: Phil Sutter <phil@nwl.cc>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH iptables] extensions: libebt_stp: fix range checking
Date: Wed, 24 Jan 2024 17:13:45 +0100 [thread overview]
Message-ID: <ZbE3OUiDlnf7A7kI@orbyte.nwl.cc> (raw)
In-Reply-To: <20240124154216.GD31645@breakpoint.cc>
On Wed, Jan 24, 2024 at 04:42:16PM +0100, Florian Westphal wrote:
> Phil Sutter <phil@nwl.cc> wrote:
> > While you correctly hate the game instead of its player, you probably
> > hate the wrong game: The code above indeed is confusing. Maybe one
> > should move that monotonicity check into libxtables which should
> > simplify it quite a bit. I'll have a look. :)
>
> Something IS broken. Still not working on FC 39 test machine
> even after fresh clone.
>
> On a "working" VM:
> export XTABLES_LIBDIR=$(pwd)/extensions
> iptables/xtables-nft-multi ebtables -A INPUT --stp-root-cost 1
> have 1 32765
>
> @@ -150,7 +151,9 @@ static void brstp_parse(struct xt_option_call *cb)
> RANGE_ASSIGN("root-prio", root_prio, cb->val.u16_range);
> break;
> case O_RCOST:
> + fprintf(stderr, "have %u %u\n", cb->val.u32_range[0], cb->val.u32_range[1]);
>
> I can't even figure out where the correct max value is supposed to be set.
>
> Varying the input:
>
> xtables-nft-multi ebtables -A INPUT --stp-root-cost 1
> have 1 32764
>
> Looks to me as if the upper value is undefined.
>
> Other users of *RC versions handle it in .parse, e.g. libxt_length.
> No idea how this is working.
In xtopt_parse_mint(), there is:
| const uintmax_t lmax = xtopt_max_by_type(entry->type);
| [...]
| if (*arg == '\0' || *arg == sep) {
| /* Default range components when field not spec'd. */
| end = (char *)arg;
| value = (cb->nvals == 1) ? lmax : 0;
But that branch appears to be dead code. So this is indeed a bug and a
specific build may or may not hit it as your experience shows. I'll see
how xtopt_parse_mint() can be fixed.
The reason why extensions may sanitize the values is because kernel code
may expect upper==lower or upper==MAX if not given.
Cheers, Phil
next prev parent reply other threads:[~2024-01-24 16:13 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-23 16:49 [PATCH iptables] extensions: libebt_stp: fix range checking Florian Westphal
2024-01-24 14:00 ` Phil Sutter
2024-01-24 14:37 ` Florian Westphal
2024-01-24 14:57 ` Phil Sutter
2024-01-24 15:42 ` Florian Westphal
2024-01-24 16:13 ` Phil Sutter [this message]
2024-01-25 14:44 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZbE3OUiDlnf7A7kI@orbyte.nwl.cc \
--to=phil@nwl.cc \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).