On Wed, Jun 15, 2016 at 09:23:11AM +0000, Fabien Siron wrote:
> Quoting Dmitry V. Levin (2016-06-14 12:03:47)
> > On Mon, Jun 13, 2016 at 02:37:23PM +0000, Fabien Siron wrote:
> > [...]
> > > +static void
> > > +send_query(const int fd)
> > > +{
> > > + struct {
> > > + struct nlmsghdr nlh;
> > > + char magic[4];
> > > + } req = {
> > > + .nlh = {
> > > + .nlmsg_len = sizeof(req),
> > > + .nlmsg_type = SOCK_DIAG_BY_FAMILY,
> > > + .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST
> > > + },
> > > + .magic = "abcd"
> > > + };
> > > +
> > > + if (sendto(fd, &req, sizeof(req), MSG_DONTWAIT, NULL, 0) <= 0)
> > > + perror_msg_and_skip("sendto");
> >
> > Why <= 0? The next statement assumes == (unsigned) sizeof(req).
>
> Indeed.
>
> >
> > > +
> > > + printf("sendto(%d, {{len=%u, type=20, flags=NLM_F_REQUEST|0x300, "
> > > + "seq=0, pid=0}, \"abcd\"}, 20, MSG_DONTWAIT, NULL, 0) =
> > > %u\n",
> > > + fd, (unsigned) sizeof(req), (unsigned) sizeof(req));
> >
> > Please do not encode values of constants into output strings verbatim.
>
> Well, the size of the magic must be aligned on 4 characters to avoid '\0'
> stuff.I don't see any issues with initialization of req.magic. Potentially problematic strings are "20" and "0x300". -- ldv
pgpCWk4htmivR.pgp
Description: PGP signature
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
_______________________________________________ Strace-devel mailing list Strace-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/strace-devel
