| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1460578025-12224-3-git-send-email-phil@nwl.cc>
Date: Wed, 13 Apr 2016 22:07:05 +0200
From: Phil Sutter <phil@....cc>
To: Stephen Hemminger <shemming@...cade.com>
Cc: Vadim Kochan <vadim4j@...il.com>, netdev@...r.kernel.org
Subject: [iproute PATCH 2/2] ss: Fix accidental state filter override
Passing a filter expression and selecting an address family using the
'-f' flag would overwrite the state filter by accident. Therefore
calling e.g. 'ss -nl -f inet '(sport = :22)' would not only print
listening sockets (as requested by '-l' flag) but connected ones, as
well.
Fix this by reusing the formerly ineffective call to filter_states_set()
to restore the state filter as it was before the call to
filter_af_set().
Signed-off-by: Phil Sutter <phil@....cc>
---
misc/ss.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/ss.c b/misc/ss.c
index d6090018c5dbb..544def3f08ea8 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -1556,9 +1556,10 @@ void *parse_hostcond(char *addr, bool is_port)
out:
if (fam != AF_UNSPEC) {
+ int states = f->states;
f->families = 0;
filter_af_set(f, fam);
- filter_states_set(f, 0);
+ filter_states_set(f, states);
}
res = malloc(sizeof(*res));
--
2.8.0
Powered by blists - more mailing lists