[PATCH 0/2] *** minor fixes in DHCP6 ***

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

* [PATCH 0/2] *** minor fixes in DHCP6 ***
@ 2023-05-18 19:35 seanedmond
  2023-05-18 19:35 ` [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278 seanedmond
  2023-05-18 19:35 ` [PATCH 2/2] net: dhcp6: Fix VCI string seanedmond
  0 siblings, 2 replies; 7+ messages in thread
From: seanedmond @ 2023-05-18 19:35 UTC (permalink / raw)
  To: u-boot; +Cc: trini, xypron.glpk, rfried.dev

From: Sean Edmond <seanedmond@microsoft.com>

Resolves 2 issues:
- coverity CID 453851 and 436278
- Change DHCP6 VCI string from "U-boot" to "U-Boot" (this was found 
  by more detailed testing on our end)

Sean Edmond (2):
  net: ipv6: Fix CID 453851 and CID 436278
  net: dhcp6: Fix VCI string

 cmd/net.c    | 12 ++++++------
 net/dhcpv6.c |  5 +++++
 net/dhcpv6.h |  2 +-
 3 files changed, 12 insertions(+), 7 deletions(-)

-- 
2.40.0


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278
  2023-05-18 19:35 [PATCH 0/2] *** minor fixes in DHCP6 *** seanedmond
@ 2023-05-18 19:35 ` seanedmond
  2023-06-10 10:44   ` Ramon Fried
  2023-06-14 19:51   ` Tom Rini
  2023-05-18 19:35 ` [PATCH 2/2] net: dhcp6: Fix VCI string seanedmond
  1 sibling, 2 replies; 7+ messages in thread
From: seanedmond @ 2023-05-18 19:35 UTC (permalink / raw)
  To: u-boot; +Cc: trini, xypron.glpk, rfried.dev

From: Sean Edmond <seanedmond@microsoft.com>

CID 453851 : sprintf() shouldn't copy from/to tmp
CID 436278 : DHCP6 option_len should be checked before use

Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
---
 cmd/net.c    | 12 ++++++------
 net/dhcpv6.c |  5 +++++
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/cmd/net.c b/cmd/net.c
index 68d406291e..9e1f40a56e 100644
--- a/cmd/net.c
+++ b/cmd/net.c
@@ -209,7 +209,7 @@ U_BOOT_CMD(
 
 static void netboot_update_env(void)
 {
-	char tmp[44];
+	char tmp[46];
 
 	if (net_gateway.s_addr) {
 		ip_to_string(net_gateway, tmp);
@@ -274,20 +274,20 @@ static void netboot_update_env(void)
 	if (IS_ENABLED(CONFIG_IPV6)) {
 		if (!ip6_is_unspecified_addr(&net_ip6) ||
 		    net_prefix_length != 0) {
-			sprintf(tmp, "%pI6c", &net_ip6);
 			if (net_prefix_length != 0)
-				sprintf(tmp, "%s/%d", tmp, net_prefix_length);
-
+				snprintf(tmp, sizeof(tmp), "%pI6c/%d", &net_ip6, net_prefix_length);
+			else
+				snprintf(tmp, sizeof(tmp), "%pI6c", &net_ip6);
 			env_set("ip6addr", tmp);
 		}
 
 		if (!ip6_is_unspecified_addr(&net_server_ip6)) {
-			sprintf(tmp, "%pI6c", &net_server_ip6);
+			snprintf(tmp, sizeof(tmp), "%pI6c", &net_server_ip6);
 			env_set("serverip6", tmp);
 		}
 
 		if (!ip6_is_unspecified_addr(&net_gateway6)) {
-			sprintf(tmp, "%pI6c", &net_gateway6);
+			snprintf(tmp, sizeof(tmp), "%pI6c", &net_gateway6);
 			env_set("gatewayip6", tmp);
 		}
 	}
diff --git a/net/dhcpv6.c b/net/dhcpv6.c
index 0d1c600632..73a1067877 100644
--- a/net/dhcpv6.c
+++ b/net/dhcpv6.c
@@ -316,6 +316,11 @@ static void dhcp6_parse_options(uchar *rx_pkt, unsigned int len)
 		option_ptr = ((uchar *)option_hdr) + sizeof(struct dhcp6_hdr);
 		option_len = ntohs(option_hdr->option_len);
 
+		if (option_ptr + option_len > rx_pkt + len) {
+			debug("Invalid option length\n");
+			return;
+		}
+
 		switch (ntohs(option_hdr->option_id)) {
 		case DHCP6_OPTION_CLIENTID:
 			if (memcmp(option_ptr, sm_params.duid, option_len)
-- 
2.40.0


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* [PATCH 2/2] net: dhcp6: Fix VCI string
  2023-05-18 19:35 [PATCH 0/2] *** minor fixes in DHCP6 *** seanedmond
  2023-05-18 19:35 ` [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278 seanedmond
@ 2023-05-18 19:35 ` seanedmond
  2023-06-10 10:44   ` Ramon Fried
  2023-06-14 19:51   ` Tom Rini
  1 sibling, 2 replies; 7+ messages in thread
From: seanedmond @ 2023-05-18 19:35 UTC (permalink / raw)
  To: u-boot; +Cc: trini, xypron.glpk, rfried.dev

From: Sean Edmond <seanedmond@microsoft.com>

Change VCI string from "U-boot" to "U-Boot".

Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
---
 net/dhcpv6.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/dhcpv6.h b/net/dhcpv6.h
index 80ca520432..65c8e4c71d 100644
--- a/net/dhcpv6.h
+++ b/net/dhcpv6.h
@@ -38,7 +38,7 @@
 #define DUID_MAX_SIZE		DUID_LL_SIZE /* only supports DUID-LL currently */
 
 /* vendor-class-data to send in vendor clas option */
-#define DHCP6_VCI_STRING	"U-boot"
+#define DHCP6_VCI_STRING	"U-Boot"
 
 #define DHCP6_MULTICAST_ADDR	"ff02::1:2"	/* DHCP multicast address */
 
-- 
2.40.0


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278
  2023-05-18 19:35 ` [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278 seanedmond
@ 2023-06-10 10:44   ` Ramon Fried
  2023-06-14 19:51   ` Tom Rini
  1 sibling, 0 replies; 7+ messages in thread
From: Ramon Fried @ 2023-06-10 10:44 UTC (permalink / raw)
  To: seanedmond; +Cc: u-boot, trini, xypron.glpk

On Thu, May 18, 2023 at 10:35 PM <seanedmond@linux.microsoft.com> wrote:
>
> From: Sean Edmond <seanedmond@microsoft.com>
>
> CID 453851 : sprintf() shouldn't copy from/to tmp
> CID 436278 : DHCP6 option_len should be checked before use
>
> Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
> ---
>  cmd/net.c    | 12 ++++++------
>  net/dhcpv6.c |  5 +++++
>  2 files changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/cmd/net.c b/cmd/net.c
> index 68d406291e..9e1f40a56e 100644
> --- a/cmd/net.c
> +++ b/cmd/net.c
> @@ -209,7 +209,7 @@ U_BOOT_CMD(
>
>  static void netboot_update_env(void)
>  {
> -       char tmp[44];
> +       char tmp[46];
>
>         if (net_gateway.s_addr) {
>                 ip_to_string(net_gateway, tmp);
> @@ -274,20 +274,20 @@ static void netboot_update_env(void)
>         if (IS_ENABLED(CONFIG_IPV6)) {
>                 if (!ip6_is_unspecified_addr(&net_ip6) ||
>                     net_prefix_length != 0) {
> -                       sprintf(tmp, "%pI6c", &net_ip6);
>                         if (net_prefix_length != 0)
> -                               sprintf(tmp, "%s/%d", tmp, net_prefix_length);
> -
> +                               snprintf(tmp, sizeof(tmp), "%pI6c/%d", &net_ip6, net_prefix_length);
> +                       else
> +                               snprintf(tmp, sizeof(tmp), "%pI6c", &net_ip6);
>                         env_set("ip6addr", tmp);
>                 }
>
>                 if (!ip6_is_unspecified_addr(&net_server_ip6)) {
> -                       sprintf(tmp, "%pI6c", &net_server_ip6);
> +                       snprintf(tmp, sizeof(tmp), "%pI6c", &net_server_ip6);
>                         env_set("serverip6", tmp);
>                 }
>
>                 if (!ip6_is_unspecified_addr(&net_gateway6)) {
> -                       sprintf(tmp, "%pI6c", &net_gateway6);
> +                       snprintf(tmp, sizeof(tmp), "%pI6c", &net_gateway6);
>                         env_set("gatewayip6", tmp);
>                 }
>         }
> diff --git a/net/dhcpv6.c b/net/dhcpv6.c
> index 0d1c600632..73a1067877 100644
> --- a/net/dhcpv6.c
> +++ b/net/dhcpv6.c
> @@ -316,6 +316,11 @@ static void dhcp6_parse_options(uchar *rx_pkt, unsigned int len)
>                 option_ptr = ((uchar *)option_hdr) + sizeof(struct dhcp6_hdr);
>                 option_len = ntohs(option_hdr->option_len);
>
> +               if (option_ptr + option_len > rx_pkt + len) {
> +                       debug("Invalid option length\n");
> +                       return;
> +               }
> +
>                 switch (ntohs(option_hdr->option_id)) {
>                 case DHCP6_OPTION_CLIENTID:
>                         if (memcmp(option_ptr, sm_params.duid, option_len)
> --
> 2.40.0
>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH 2/2] net: dhcp6: Fix VCI string
  2023-05-18 19:35 ` [PATCH 2/2] net: dhcp6: Fix VCI string seanedmond
@ 2023-06-10 10:44   ` Ramon Fried
  2023-06-14 19:51   ` Tom Rini
  1 sibling, 0 replies; 7+ messages in thread
From: Ramon Fried @ 2023-06-10 10:44 UTC (permalink / raw)
  To: seanedmond; +Cc: u-boot, trini, xypron.glpk

On Thu, May 18, 2023 at 10:35 PM <seanedmond@linux.microsoft.com> wrote:
>
> From: Sean Edmond <seanedmond@microsoft.com>
>
> Change VCI string from "U-boot" to "U-Boot".
>
> Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
> ---
>  net/dhcpv6.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/dhcpv6.h b/net/dhcpv6.h
> index 80ca520432..65c8e4c71d 100644
> --- a/net/dhcpv6.h
> +++ b/net/dhcpv6.h
> @@ -38,7 +38,7 @@
>  #define DUID_MAX_SIZE          DUID_LL_SIZE /* only supports DUID-LL currently */
>
>  /* vendor-class-data to send in vendor clas option */
> -#define DHCP6_VCI_STRING       "U-boot"
> +#define DHCP6_VCI_STRING       "U-Boot"
>
>  #define DHCP6_MULTICAST_ADDR   "ff02::1:2"     /* DHCP multicast address */
>
> --
> 2.40.0
>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278
  2023-05-18 19:35 ` [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278 seanedmond
  2023-06-10 10:44   ` Ramon Fried
@ 2023-06-14 19:51   ` Tom Rini
  1 sibling, 0 replies; 7+ messages in thread
From: Tom Rini @ 2023-06-14 19:51 UTC (permalink / raw)
  To: seanedmond; +Cc: u-boot, xypron.glpk, rfried.dev

[-- Attachment #1: Type: text/plain, Size: 411 bytes --]

On Thu, May 18, 2023 at 12:35:40PM -0700, seanedmond@linux.microsoft.com wrote:

> From: Sean Edmond <seanedmond@microsoft.com>
> 
> CID 453851 : sprintf() shouldn't copy from/to tmp
> CID 436278 : DHCP6 option_len should be checked before use
> 
> Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
> Reviewed-by: Ramon Fried <rfried.dev@gmail.com>

Applied to u-boot/master, thanks!

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH 2/2] net: dhcp6: Fix VCI string
  2023-05-18 19:35 ` [PATCH 2/2] net: dhcp6: Fix VCI string seanedmond
  2023-06-10 10:44   ` Ramon Fried
@ 2023-06-14 19:51   ` Tom Rini
  1 sibling, 0 replies; 7+ messages in thread
From: Tom Rini @ 2023-06-14 19:51 UTC (permalink / raw)
  To: seanedmond; +Cc: u-boot, xypron.glpk, rfried.dev

[-- Attachment #1: Type: text/plain, Size: 344 bytes --]

On Thu, May 18, 2023 at 12:35:41PM -0700, seanedmond@linux.microsoft.com wrote:

> From: Sean Edmond <seanedmond@microsoft.com>
> 
> Change VCI string from "U-boot" to "U-Boot".
> 
> Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
> Reviewed-by: Ramon Fried <rfried.dev@gmail.com>

Applied to u-boot/master, thanks!

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2023-06-14 19:52 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-05-18 19:35 [PATCH 0/2] *** minor fixes in DHCP6 *** seanedmond
2023-05-18 19:35 ` [PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278 seanedmond
2023-06-10 10:44   ` Ramon Fried
2023-06-14 19:51   ` Tom Rini
2023-05-18 19:35 ` [PATCH 2/2] net: dhcp6: Fix VCI string seanedmond
2023-06-10 10:44   ` Ramon Fried
2023-06-14 19:51   ` Tom Rini

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox