lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 29 May 2015 15:02:09 -0700
From:	Stephen Hemminger <stephen@...workplumber.org>
To:	Vadim Kochan <vadim4j@...il.com>
Cc:	netdev@...r.kernel.org, eric.dumazet@...il.com,
	daniel@...earbox.net, jose.r.guzman.mosqueda@...el.com
Subject: Re: [PATCH iproute2 v2] ss: Fix allocation of cong control alg name

On Fri, 29 May 2015 21:09:54 +0300
Vadim Kochan <vadim4j@...il.com> wrote:

> From: Vadim Kochan <vadim4j@...il.com>
> 
> Used 16 char array for cong alg name instead of malloc.
> 
> Fixes: 8250bc9ff4e5 ("ss: Unify inet sockets output")
> Reported-by: Jose R. Guzman Mosqueda <jose.r.guzman.mosqueda@...el.com>
> Signed-off-by: Vadim Kochan <vadim4j@...il.com>
> ---
> v2:
>    Used 16 byte array for cong alg name instead of malloc
>    	suggested by Eric Dumazet <eric.dumazet@...il.com>
> 
>  misc/ss.c | 12 +++++-------
>  1 file changed, 5 insertions(+), 7 deletions(-)
> 
> diff --git a/misc/ss.c b/misc/ss.c
> index 347e3a1..0bab8a2 100644
> --- a/misc/ss.c
> +++ b/misc/ss.c
> @@ -755,7 +755,7 @@ struct tcpstat
>  	int		    timer;
>  	int		    timeout;
>  	int		    probes;
> -	char		    *cong_alg;
> +	char		    cong_alg[16];
>  	double		    rto, ato, rtt, rttvar;
>  	int		    qack, cwnd, ssthresh, backoff;
>  	double		    send_bps;
> @@ -1664,7 +1664,7 @@ static void tcp_stats_print(struct tcpstat *s)
>  		printf(" ecnseen");
>  	if (s->has_fastopen_opt)
>  		printf(" fastopen");
> -	if (s->cong_alg)
> +	if (s->cong_alg[0])
>  		printf(" %s", s->cong_alg);
>  	if (s->has_wscale_opt)
>  		printf(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
> @@ -1907,9 +1907,9 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>  		}
>  
>  		if (tb[INET_DIAG_CONG]) {
> -			const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
> -			s.cong_alg = malloc(strlen(cong_attr + 1));
> -			strcpy(s.cong_alg, cong_attr);
> +			strncpy(s.cong_alg,
> +					rta_getattr_str(tb[INET_DIAG_CONG]),
> +					sizeof(s.cong_alg) - 1);
>  		}
>  
>  		if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
> @@ -1984,8 +1984,6 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>  		tcp_stats_print(&s);
>  		if (s.dctcp)
>  			free(s.dctcp);
> -		if (s.cong_alg)
> -			free(s.cong_alg);
>  	}
>  }
>  

Why not use strdupa? I handles arbitrary size?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ