On Fri, Aug 18, 2017 at 09:32:52AM +, David Laight wrote:
> From: Phil Sutter
> > Sent: 17 August 2017 18:10
> > This prevents word-splitting and therefore leads to more accurate error
> > message in case 'grep -c' prints something other than a number.
> >
> &
Hi David,
On Fri, Aug 18, 2017 at 09:19:16AM +, David Laight wrote:
> From: Phil Sutter
> > Sent: 17 August 2017 18:09
> > To: Stephen Hemminger
> > Cc: netdev@vger.kernel.org
> > Subject: [iproute PATCH v2 1/7] ipntable: Make sure filter.name is
> > NU
On Fri, Aug 18, 2017 at 09:21:34AM +, David Laight wrote:
> From: Phil Sutter
> > Sent: 17 August 2017 18:10
> > Signed-off-by: Phil Sutter <p...@nwl.cc>
> > ---
> > ip/iproute_lwtunnel.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> &
On Thu, Aug 17, 2017 at 09:48:50PM +0200, Jiri Pirko wrote:
> Thu, Aug 17, 2017 at 07:09:25PM CEST, p...@nwl.cc wrote:
> >dl_argv_handle_both() will either assign to handle_bit or error out in
> >which case the variable is not used by the caller.
>
> I'm pretty sure that I did this to silence the
On Thu, Aug 17, 2017 at 07:09:25PM +0200, Phil Sutter wrote:
> The buffer is accessed outside of the function defining it, so make it
> static.
>
> Signed-off-by: Phil Sutter <p...@nwl.cc>
Self-NACK: Access to flushb should be sane since all accessors are
called from ipadd
Looks like this was forgotten when converting to common json output
formatter.
Fixes: fcc16c2287bf8 ("provide common json output formatter")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ifstat.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/misc
This series collects patches from v1 which deal with dead code, either
by removing it or changing context so it is accessed again if that makes
sense.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (7):
devlink: No need for this self-assignment
ipntable
Relying upon callers and using unsafe strcpy() is probably not the best
idea. Aside from that, using snprintf() allows to format the string for
lf->path in one go.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/xfrm_state.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index e11c93bf1c3b5..7c0389038986e 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -125,7 +125,8 @@ static int xfrm_algo
This series collects patches from v1 which deal with potential memory leaks.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (5):
ipvrf: Fix error path of vrf_switch()
ifstat: Fix memleak in error case
ifstat: Fix memleak in dump_kern_db() for json output
Hi,
Cc'ing Cyrill who wrote the code in question. Maybe he has an idea
what's going wrong here.
Cheers, Phil
On Mon, May 08, 2017 at 06:56:04PM -0700, Li Er wrote:
> i'm using v4.11.0 release of iproute2 and kernel 3.10.105, simply
> running
>
> $ ss
> Netid State Recv-Q
From: Phil Sutter <psut...@redhat.com>
This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
are still not usable with this patch, but at least tc doesn't crash
anymore when one tries to use them.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/m_xt.c | 5 -
1
Brief output is especially useful for new users, so at least mention
it's existence in ip man page.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
man/man8/ip.8 | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/man/man8/ip.8 b/man/man8/ip.8
index 1c5a741
Hi,
On Thu, May 04, 2017 at 09:43:56AM -0700, Stephen Hemminger wrote:
> On Thu, 04 May 2017 10:41:03 -0400 (EDT)
> David Miller wrote:
>
> > From: David Ahern
> > Date: Thu, 4 May 2017 08:27:35 -0600
> >
> > > On 5/4/17 3:36 AM, Daniel Borkmann wrote:
On Thu, Sep 21, 2017 at 08:14:11PM +0200, Thomas Haller wrote:
> Signed-off-by: Thomas Haller
Fixes: 4ec1933dfddfc ("Update ip.8 man page to describe route table id values")
(So that bug is over 7 years old. :)
Cheers, Phil
On Thu, Oct 12, 2017 at 09:07:06AM -0700, Stephen Hemminger wrote:
> On Wed, 11 Oct 2017 13:10:07 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > On Tue, Oct 10, 2017 at 09:47:43AM -0700, Stephen Hemminger wrote:
> > > On Tue, 10 Oct 2017 08:41:17 +0200
> >
Hi,
On Fri, Oct 13, 2017 at 09:57:37AM +, Humberto Alves wrote:
> Hi! With the last iproute2 release, ss command output does not
> differentiate between any-address IPv4 sockets from the IPv6 ones.
> I don't know if this is an expected behaviour, but the old output looks
> more useful.
On Tue, Oct 10, 2017 at 09:47:43AM -0700, Stephen Hemminger wrote:
> On Tue, 10 Oct 2017 08:41:17 +0200
> Michal Kubecek <mkube...@suse.cz> wrote:
>
> > On Mon, Oct 09, 2017 at 10:25:25PM +0200, Phil Sutter wrote:
> > > Hi Stephen,
> > >
> > > O
Hi Hangbin,
On Fri, Sep 08, 2017 at 06:14:56PM +0800, Hangbin Liu wrote:
[...]
> diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> index be7ac86..37cfb5a 100644
> --- a/lib/libnetlink.c
> +++ b/lib/libnetlink.c
> @@ -402,6 +402,59 @@ static void rtnl_dump_error(const struct rtnl_handle
> *rth,
Hi Hangbin,
On Fri, Sep 08, 2017 at 06:14:57PM +0800, Hangbin Liu wrote:
[...]
> diff --git a/genl/ctrl.c b/genl/ctrl.c
> index 448988e..699657b 100644
> --- a/genl/ctrl.c
> +++ b/genl/ctrl.c
> @@ -55,6 +55,7 @@ int genl_ctrl_resolve_family(const char *family)
> };
> struct nlmsghdr
Hi,
On Fri, Sep 08, 2017 at 10:01:31PM +0800, Hangbin Liu wrote:
[...]
> > > diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> > > index be7ac86..37cfb5a 100644
> > > --- a/lib/libnetlink.c
> > > +++ b/lib/libnetlink.c
> > > @@ -402,6 +402,59 @@ static void rtnl_dump_error(const struct
On Tue, Sep 12, 2017 at 04:58:12PM +0200, Phil Sutter wrote:
> Obviously, 'addr showdump' feature wasn't adjusted to json output
> support. As a consequence, calls to print_string() in print_addrinfo()
> tried to dereference a NULL FILE pointer.
Please ignore this patch - it generates
json output")
Signed-off-by: Phil Sutter <p...@nwl.cc>
--
Changes since v1:
Align json output with that of 'ip -j addr show':
- Interface index label is 'ifindex', not 'index' and it doesn't belong
to 'addr_info' array.
- Create one 'addr_info' array per dumped address, not one for all.
--
Obviously, 'addr showdump' feature wasn't adjusted to json output
support. As a consequence, calls to print_string() in print_addrinfo()
tried to dereference a NULL FILE pointer.
Fixes: d0e720111aad2 ("ip: ipaddress.c: add support for json output")
Signed-off-by: Phil Sutter <p...@nw
strlcat() by avoiding the call to strlcpy() if dst string is
already full, not just as sanity check.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/utils.c | 12
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lib/utils.c b/lib/utils.c
index 330ab073c2068..bbd3cbc
Since addattrstrz() will copy the provided string into the attribute
payload, there is no need to cache the data.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/f_flower.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 934832e
On Tue, Sep 26, 2017 at 02:08:49PM +0300, Baruch Siach wrote:
[...]
> diff --git a/configure b/configure
> index 7be8fb113cc9..787b2e061af9 100755
> --- a/configure
> +++ b/configure
> @@ -326,6 +326,27 @@ EOF
> rm -f $TMPDIR/dbtest.c $TMPDIR/dbtest
> }
>
> +check_strlcpy()
> +{
> +cat
using ll_name_to_index(),
so if_nametoindex() will perform the necessary checks already.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v1:
- added missing check to tc/f_flower.c
- Drop some useless checks from ip/ip{6,}tunnel.c (ll_name_to_index()
will detect illegal interface
:
- Patches 1 and 2 introduced.
- Changes to patch 3 are listed in there.
Phil Sutter (3):
ip{6,}tunnel: Avoid copying user-supplied interface name around
tc: flower: No need to cache indev arg
Check user supplied interface name lengths
include/utils.h | 1 +
ip/ip6tunnel.c | 9
until the later lookup/strcpy.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ip6tunnel.c | 6 +++---
ip/iptunnel.c | 22 +-
2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/ip/ip6tunnel.c b/ip/ip6tunnel.c
index b4a7def144226..c12d700e74189 100644
--
On Wed, Sep 27, 2017 at 08:42:49AM +0100, Stephen Hemminger wrote:
> On Tue, 26 Sep 2017 18:35:45 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > This series adds explicit checks for user-supplied interface names to
> > make sure their length fits Linux's requireme
although they are not.
Fix this by taking mxlock value for the given metric into account before
skipping it if it is not present.
Reported-by: Thomas Haller <thal...@redhat.com>
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/iproute.c | 4 ++--
1 file changed, 2 insertions(+), 2 deleti
On Fri, Sep 29, 2017 at 10:31:07AM -0700, Stephen Hemminger wrote:
[...]
> I was thinking something like:
>
>
>
> diff --git a/include/utils.h b/include/utils.h
> index c9ed230b9604..e2702b56f2e0 100644
> --- a/include/utils.h
> +++ b/include/utils.h
> @@ -105,6 +105,8 @@ int get_be64(__be64
Since addattrstrz() will copy the provided string into the attribute
payload, there is no need to cache the data.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/f_flower.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 934832e
and is therefore looked up using ll_name_to_index(),
so if_nametoindex() will perform the necessary checks already.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Change implementation of check_ifname() and add get_ifname() just as
Stephen suggested with one exception: Call s
until the later lookup/strcpy.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ip6tunnel.c | 6 +++---
ip/iptunnel.c | 22 +-
2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/ip/ip6tunnel.c b/ip/ip6tunnel.c
index b4a7def144226..c12d700e74189 100644
--
:
- Changed patch 3 as suggested in review.
Changes since v1:
- Patches 1 and 2 introduced.
- Changes to patch 3 are listed in there.
Phil Sutter (3):
ip{6,}tunnel: Avoid copying user-supplied interface name around
tc: flower: No need to cache indev arg
Check user supplied interface name lengths
This series collects patches from v1 which eliminate possible cases of
NULL pointer dereferences.
Changes since v2:
- Rebased onto current master branch.
- Adjusted patches according to feedback.
Phil Sutter (5):
ifstat, nstat: Check fdopen() return value
nstat: Fix for potential NULL
The later check for 'k[0] != 0' requires a non-empty filter name,
otherwise NULL pointer dereference in 'q' might happen.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Instead of calling strlen(), just make sure **argv is not 0.
---
tc/tc_filter.c | 3 +++
1 file chan
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Keep assignment and check in separate statements.
---
tipc/bearer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tipc/bearer.c b/tipc/bearer.c
index c3d4491f8f6ef..0d84570150624 100644
--- a/tipc/be
If the string at 'p' contains neither space not newline, 'p' will become
NULL. Make sure this isn't the case before dereferencing it.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Call abort() if 'p' becomes NULL.
---
misc/nstat.c | 2 ++
1 file changed, 2 insertions(+)
Prevent passing NULL FILE pointer to fgets() later.
Fix both tools in a single patch since the code changes are basically
identical.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ifstat.c | 16 +++-
misc/nstat.c | 16 +++-
2 files changed, 22 insertions(
multiq_parse_opt() doesn't change 'opt' at all. So at least make sure
it doesn't fill TCA_OPTIONS attribute with garbage from stack.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/q_multiq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/q_multiq.c b/tc/q_multiq.c
can_state_names array contains at most CAN_STATE_MAX fields, so allowing
an index to it to be equal to that number is wrong. While here, also
make sure the array is indeed that big so nothing bad happens if
CAN_STATE_MAX ever increases.
Signed-off-by: Phil Sutter <p...@nwl.cc>
-
Otherwise info.st_size may contain garbage.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
netem/maketable.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/netem/maketable.c b/netem/maketable.c
index 6aff927be7040..ad660e7d457f0 100644
--- a/netem/maketable.c
+++ b
If no address was given, ipaddr_modify() accesses uninitialized data
when assigning to req.ifa.ifa_prefixlen.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipaddress.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ip/ipaddress.c b/ip/ipaddress.c
index 4d37c5e
This has the additional benefit of initializing st.ino to zero which is
used later in is_sctp_assoc() function.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index 10360e5
Looks like this can only happen if /proc/net/igmp is malformed, but
better be sure.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipmaddr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c
index 4f726fdd976f1..85a69e779563d 100644
--
This series collects patches from v1 which resolve situations where
garbage might be read, either due to missing initialization of
variables or accessing data which went out of scope.
Changes since v2:
- Rebased onto current master branch.
- Dropped first patch since it is not a real issue.
Phil
Assuming 'opt' might be NULL, move the call to RTA_PAYLOAD to after the
check since it dereferences its parameter.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Dropped empty line between assignment and check.
---
tc/q_netem.c | 3 ++-
1 file changed, 2 insertions
If fopen() succeeded but len != PATH_MAX, the function leaks the open
FILE pointer. Fix this by checking len value before calling fopen().
Signed-off-by: Phil Sutter <p...@nwl.cc>
Acked-by: Daniel Borkmann <dan...@iogearbox.net>
---
No change since v1, just resubmitting - I f
On Mon, Aug 21, 2017 at 05:23:23PM -0700, Stephen Hemminger wrote:
> On Mon, 21 Aug 2017 19:08:07 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > Introduce a wrapper which does the sanity checking and returns NULL
> > in case fd is invalid.
> >
> >
On Mon, Aug 21, 2017 at 05:28:20PM -0700, Stephen Hemminger wrote:
> On Mon, 21 Aug 2017 15:23:36 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > Signed-off-by: Phil Sutter <p...@nwl.cc>
> > ---
> > ip/xfrm_state.c | 3 ++-
> > 1 file changed, 2 ins
The original issue was that filter.name might end up unterminated if
user provided string was too long. But in fact it is not necessary to
copy the commandline parameter at all: just make filter.name point to it
instead.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipntable.c | 6 +++
would overwrite the previously NULL'ed 'k[15]'. Also, the
sanitization has to happen if 'tname' is exactly 16 bytes long as
well.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/m_xt.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tc/m_xt.c b/tc/
upstream.
Changes since v2:
- Rebased onto current upstream master branch.
- Replaced patches 1, 4 and 7 by more appropriate ones given feedback
from v2 review.
Phil Sutter (7):
ipntable: Avoid memory allocation for filter.name
xfrm_state: Make sure alg_name is NULL-terminated
lib/fs: Fix format
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/xfrm_state.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index e11c93bf1c3b5..7c0389038986e 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -125,7 +125,8 @@ static int xfrm_algo
Relying upon callers and using unsafe strcpy() is probably not the best
idea. Aside from that, using snprintf() allows to format the string for
lf->path in one go.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions
in get_u8() to find out whether passed 'buf' contains a valid
decimal number instead of checking the first character's value manually.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/inet_proto.c | 24 +---
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git
Instead of having a fixed buffer of 16 bytes for the interface name,
tailor size of new ll_cache entry using the interface name's actual
length. This also makes sure the following call to strcpy() is safe.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/ll_map.c | 4 ++--
1 file chan
A field width of 4096 allows fscanf() to store that amount of characters
into the given buffer, though that doesn't include the terminating NULL
byte. Decrease the value by one to leave space for it.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/fs.c | 2 +-
1 file changed, 1 insertion
de returned from
netlink reply")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index fcc3cf9282c49..2c9e80e696595 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -2753,7 +2753,7
Both addattr_l() and rta_addattr_l() may be called with NULL data
pointer and 0 alen parameters. Avoid calling memcpy() in that case.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/libnetlink.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/libnetlink.c
for negative values.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index 34c6da5443642..c41d5169aba52 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -697,8 +697,8 @@ struct dctcpstat {
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/ss.c b/misc/ss.c
index c41d5169aba52..951aa877bcb01 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -3148,7 +3148,8 @@ static int unix_show(struct fil
This is merely to silence the compiler warning. If write to stderr
failed, assume that printing an error message will fail as well so don't
even try.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/bpf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bpf.c b/lib
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
netem/maketable.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/netem/maketable.c b/netem/maketable.c
index ad660e7d457f0..ccb8f0c68b062 100644
--- a/netem/maketable.c
+++ b/netem/maketable.c
@@ -38,8 +38,8 @@ readdouble
Calling stat() before mkdir() is racey: The entry might change in
between. Also, the call to stat() seems to exist only to check if the
directory exists already. So simply call mkdir() unconditionally and
catch only errors other than EEXIST.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
li
This series collects patches from v1 addressing miscellaneous issues
detected by covscan.
Changes since v2:
- Dropped patch 1 since v2 discussion is still inconclusive.
- Replaced patch 2 by a more appropriate one given feedback from v2.
Phil Sutter (6):
ss: Make struct tcpstat fields 'timer
The later check for 'k[0] != 0' requires a non-empty filter name,
otherwise NULL pointer dereference in 'q' might happen.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Instead of calling strlen(), just make sure **argv is not 0.
---
tc/tc_filter.c | 3 +++
1 file chan
Assuming 'opt' might be NULL, move the call to RTA_PAYLOAD to after the
check since it dereferences its parameter.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Dropped empty line between assignment and check.
---
tc/q_netem.c | 3 ++-
1 file changed, 2 insertions
This series collects patches from v1 which eliminate possible cases of
NULL pointer dereferences.
Changes since v3:
- Dropped upstream rejected patch 2.
Phil Sutter (4):
ifstat, nstat: Check fdopen() return value
tc/q_netem: Don't dereference possibly NULL pointer
tc/tc_filter: Make sure
Prevent passing NULL FILE pointer to fgets() later.
Fix both tools in a single patch since the code changes are basically
identical.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ifstat.c | 16 +++-
misc/nstat.c | 16 +++-
2 files changed, 22 insertions(
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Keep assignment and check in separate statements.
---
tipc/bearer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tipc/bearer.c b/tipc/bearer.c
index c3d4491f8f6ef..0d84570150624 100644
--- a/tipc/be
Instead of having a fixed buffer of 16 bytes for the interface name,
tailor size of new ll_cache entry using the interface name's actual
length. This also makes sure the following call to strcpy() is safe.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/ll_map.c | 4 ++--
1 file chan
would overwrite the previously NULL'ed 'k[15]'. Also, the
sanitization has to happen if 'tname' is exactly 16 bytes long as
well.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/m_xt.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tc/m_xt.c b/tc/
Relying upon callers and using unsafe strcpy() is probably not the best
idea. Aside from that, using snprintf() allows to format the string for
lf->path in one go.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions
upstream.
Changes since v3:
- Dropped patch 2 since upstream discussion in v3 is not conclusive yet.
Phil Sutter (6):
ipntable: Avoid memory allocation for filter.name
lib/fs: Fix format string in find_fs_mount()
lib/inet_proto: Review inet_proto_{a2n,n2a}()
lnstat_util: Simplify alloc_and_open
The original issue was that filter.name might end up unterminated if
user provided string was too long. But in fact it is not necessary to
copy the commandline parameter at all: just make filter.name point to it
instead.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipntable.c | 6 +++
in get_u8() to find out whether passed 'buf' contains a valid
decimal number instead of checking the first character's value manually.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/inet_proto.c | 24 +---
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git
A field width of 4096 allows fscanf() to store that amount of characters
into the given buffer, though that doesn't include the terminating NULL
byte. Decrease the value by one to leave space for it.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/fs.c | 2 +-
1 file changed, 1 insertion
Signed-off-by: Phil Sutter <p...@nwl.cc>
Acked-by: David Ahern <dsah...@gmail.com>
---
Changes since v1:
- Remove double newline addon.
- Added David's ACK from v1 review.
---
ip/iplink_vrf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ip/iplink_vrf.c b/ip/
On Mon, Aug 21, 2017 at 02:53:46PM +, David Laight wrote:
> From: Phil Sutter
> > Sent: 21 August 2017 11:03
> > To: Stephen Hemminger
> > Cc: netdev@vger.kernel.org
> > Subject: [iproute PATCH v3 4/5] tc/tc_filter: Make sure filter name is not
> > empty
This function shouldn't fail because all callers of
__dl_argv_handle_port() make sure the passed string contains enough
slashes already, but better make sure if this changes in future the
function won't access uninitialized data.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
devlink/dev
This series collects patches from v1 dealing with spots where error
checking is necessary or recommended.
Minor changes to patches 1 and 2, patch 3 remains unchanged.
Phil Sutter (3):
iproute: Check mark value input
iplink_vrf: Complain if main table is not found
devlink: Check return code
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v1:
- Drop newline from end of error message, invarg() already does that.
---
ip/iproute.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/ip/iproute.c b/ip/iproute.c
index cb695ad4141a7..5936e2a978bc7
Both addattr_l() and rta_addattr_l() may be called with NULL data
pointer and 0 alen parameters. Avoid calling memcpy() in that case.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/libnetlink.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/libnetlink.c
Introduce a wrapper which does the sanity checking and returns NULL
in case fd is invalid.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/nstat.c | 15 +++
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/misc/nstat.c b/misc/nstat.c
index 1212b1f2c8128..7cdde75
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
netem/maketable.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/netem/maketable.c b/netem/maketable.c
index 6aff927be7040..517f1dc461e8a 100644
--- a/netem/maketable.c
+++ b/netem/maketable.c
@@ -38,8 +38,8 @@ readdouble
This is merely to silence the compiler warning. If write to stderr
failed, assume that printing an error message will fail as well so don't
even try.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/bpf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bpf.c b/lib
This shouldn't happen but relying upon external data without checking
may lead to unexpected results.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/misc/ss.c b/misc/ss.c
index 10360e5a04ff8..1ee02d73b2d7f
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/ss.c b/misc/ss.c
index 1ee02d73b2d7f..6c091a694231e 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -3151,7 +3151,8 @@ static int unix_show(struct fil
This series collects patches from v1 addressing miscellaneous issues
detected by covscan.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (7):
nstat: Avoid passing negative fd to fdopen()
ss: Make sure index variable is >= 0
ss: Make sure scanned in
Calling stat() before mkdir() is racey: The entry might change in
between. Also, the call to stat() seems to exist only to check if the
directory exists already. So simply call mkdir() unconditionally and
catch only errors other than EEXIST.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
li
Looks like this can only happen if /proc/net/igmp is malformed, but
better be sure.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipmaddr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c
index 4f726fdd976f1..85a69e779563d 100644
--
can_state_names array contains at most CAN_STATE_MAX fields, so allowing
an index to it to be equal to that number is wrong. While here, also
make sure the array is indeed that big so nothing bad happens if
CAN_STATE_MAX ever increases.
Signed-off-by: Phil Sutter <p...@nwl.cc>
-
This series collects patches from v1 which deal with programming
mistakes in shell scripts.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (2):
examples: Some shell fixes to cbq.init
ifcfg: Quote left-hand side of [ ] expression
examples/cbq.init-v0.7.3
This patch converts spots where manual buffer termination was missing to
strlcpy() since that does what is needed.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
genl/ctrl.c | 2 +-
ip/ipvrf.c | 2 +-
ip/xfrm_state.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff
Can't use strlcpy() here since lnstat is not linked against libutil.
While being at it, fix coding style in that chunk as well.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/lnstat_util.c
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipxfrm.c | 21 +
1 file changed, 5 insertions(+), 16 deletions(-)
diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
index d5eb22e25476a..12c2f721571b6 100644
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -40,17 +40,6 @@
#include "
801 - 900 of 1052 matches
Mail list logo