lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 28 May 2010 13:02:40 -0600
From:	Jeffrey Merkey <jeffmerkey@...il.com>
To:	Eric Dumazet <eric.dumazet@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: Question about SIOCGIFCONF

Review of the net-tools source code for IFCONFIG indicates that when
/proc is not loaded and/or /proc/net/dev is not available, IFCONFIG
will attempt to use this ioctl to determine which interfaces are
present in the system.  Since the ioctl will not report unbound
interfaces which are active, IFCONFIG will not properly report or
detect network adapters which are unbound.  This seems to be a hole,
although most of the time I assume /proc will always be mounted.
Someone should review this and make a decision as to whether or not
this could be a problem.  At any rate, it does not work as advertised.

Jeff

On Fri, May 28, 2010 at 12:31 PM, Jeffrey Merkey <jeffmerkey@...il.com> wrote:
> Actually,  I verified last night it only returns interfaces which have
> been bound to an IP address.  It does not return any interfaces which
> are active but for which an IP address has not been bound.  So what I
> said is accurate.  it's fucking busted.
>
> /proc/net/dev returns ALL interfaces.  this ioctl does not.
>
> Jeff
>
> On Thu, May 27, 2010 at 10:57 PM, Eric Dumazet <eric.dumazet@...il.com> wrote:
>> Le jeudi 27 mai 2010 à 21:02 -0600, Jeffrey Merkey a écrit :
>>> Why is SIOGICONF only instrumented to return a single interface lo for
>>> example.  I noticed that ifconfig always uses /proc/net/dev but the
>>> older SIOCGIFCONF ioctl seems to be busted.  Anyone have an
>>> explanation or is this just how the shit is these days or is the
>>> fucking thing broken (seems to be). ?
>>
>> Shit comes from you eyes maybe ?
>>
>> Correction : Shit comes from your eyes, definitely.
>>
>> Proof :
>>
>> # strace -o /tmp/STRACE ifconfig -a
>> # grep SIOCGIFCONF /tmp/STRACE
>> ioctl(4, SIOCGIFCONF, {120, {{"lo", {AF_INET, inet_addr("127.0.0.1")}},
>> {"wlan0", {AF_INET, inet_addr("192.168.1.21")}}, {"ppp0", {AF_INET,
>> inet_addr("10.150.51.210")}}}}) = 0
>>
>>
>> Part of ifconfig :
>>
>>    ifc.ifc_buf = NULL;
>>    for (;;) {
>>        ifc.ifc_len = sizeof(struct ifreq) * numreqs;
>>        ifc.ifc_buf = xrealloc(ifc.ifc_buf, ifc.ifc_len);
>>
>>        if (ioctl(skfd, SIOCGIFCONF, &ifc) < 0) {
>>            perror("SIOCGIFCONF");
>>            goto out;
>>        }
>>        if (ifc.ifc_len == sizeof(struct ifreq) * numreqs) {
>>            /* assume it overflowed and try again */
>>            numreqs += 10;
>>            continue;
>>        }
>>        break;
>>    }
>>
>> maybe numreqs should be firt initialized to 64, then doubled each
>> round...
>>
>>
>>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ