| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5faa18319b71_3e187208f@john-XPS-13-9370.notmuch>
Date: Mon, 09 Nov 2020 20:33:53 -0800
From: John Fastabend <john.fastabend@...il.com>
To: Wang Hai <wanghai38@...wei.com>, quentin@...valent.com,
mrostecki@...nsuse.org, john.fastabend@...il.com
Cc: ast@...nel.org, daniel@...earbox.net, kafai@...com,
songliubraving@...com, yhs@...com, andrii@...nel.org,
kpsingh@...omium.org, toke@...hat.com, danieltimlee@...il.com,
bpf@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: RE: [PATCH v2 bpf] tools: bpftool: Add missing close before bpftool
net attach exit
Wang Hai wrote:
> progfd is created by prog_parse_fd(), before 'bpftool net attach' exit,
> it should be closed.
>
> Fixes: 04949ccc273e ("tools: bpftool: add net attach command to attach XDP on interface")
> Signed-off-by: Wang Hai <wanghai38@...wei.com>
> ---
> v1->v2: use cleanup tag instead of repeated closes
> tools/bpf/bpftool/net.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/tools/bpf/bpftool/net.c b/tools/bpf/bpftool/net.c
> index 910e7bac6e9e..1ac7228167e6 100644
> --- a/tools/bpf/bpftool/net.c
> +++ b/tools/bpf/bpftool/net.c
> @@ -578,8 +578,8 @@ static int do_attach(int argc, char **argv)
>
> ifindex = net_parse_dev(&argc, &argv);
> if (ifindex < 1) {
> - close(progfd);
> - return -EINVAL;
> + err = -EINVAL;
> + goto cleanup;
> }
>
> if (argc) {
> @@ -587,8 +587,8 @@ static int do_attach(int argc, char **argv)
> overwrite = true;
> } else {
> p_err("expected 'overwrite', got: '%s'?", *argv);
> - close(progfd);
> - return -EINVAL;
> + err = -EINVAL;
> + goto cleanup;
> }
> }
>
> @@ -600,13 +600,15 @@ static int do_attach(int argc, char **argv)
I think now that return value depends on this err it should be 'if (err)'
otherwise we risk retunring non-zero error code from do_attach which
will cause programs to fail.
> if (err < 0) {
^^^^^^^^^^^^
if (err) {
> p_err("interface %s attach failed: %s",
> attach_type_strings[attach_type], strerror(-err));
> - return err;
> + goto cleanup;
> }
>
> if (json_output)
> jsonw_null(json_wtr);
>
> - return 0;
Alternatively we could add an 'err = 0' here, but above should never
return a value >0 as far as I can see.
Thanks,
John
> +cleanup:
> + close(progfd);
> + return err;
> }
>
> static int do_detach(int argc, char **argv)
> --
> 2.17.1
>
Powered by blists - more mailing lists