Message-ID: <20170504110755.Horde.9md-X4baf8TwOEKjGrXkelZ@gator4166.hostgator.com>
Date:   Thu, 04 May 2017 11:07:54 -0500
From:   "Gustavo A. R. Silva" <garsilva@...eddedor.com>
To:     "David S. Miller" <davem@...emloft.net>,
        Alexey Kuznetsov <kuznet@....inr.ac.ru>,
        James Morris <jmorris@...ei.org>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        Patrick McHardy <kaber@...sh.net>
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [net-ipv4] question about arguments position


Hello everybody,

While looking into Coverity ID 1357474 I ran into the following piece  
of code at net/ipv4/inet_diag.c:392:

struct sock *inet_diag_find_one_icsk(struct net *net,
                                      struct inet_hashinfo *hashinfo,
                                      const struct inet_diag_req_v2 *req)
{
         struct sock *sk;

         rcu_read_lock();
         if (req->sdiag_family == AF_INET)
                 sk = inet_lookup(net, hashinfo, NULL, 0, req->id.idiag_dst[0],
                                  req->id.idiag_dport, req->id.idiag_src[0],
                                  req->id.idiag_sport, req->id.idiag_if);
#if IS_ENABLED(CONFIG_IPV6)
         else if (req->sdiag_family == AF_INET6) {
                 if (ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_dst) &&
                     ipv6_addr_v4mapped((struct in6_addr *)req->id.idiag_src))
                         sk = inet_lookup(net, hashinfo, NULL, 0, req->id.idiag_dst[3],
                                          req->id.idiag_dport, req->id.idiag_src[3],
                                          req->id.idiag_sport, req->id.idiag_if);
                 else
                         sk = inet6_lookup(net, hashinfo, NULL, 0,
                                           (struct in6_addr *)req->id.idiag_dst,
                                           req->id.idiag_dport,
                                           (struct in6_addr *)req->id.idiag_src,
                                           req->id.idiag_sport,
                                           req->id.idiag_if);
         }
#endif

The issue here is that the positions of the arguments in the calls to
the inet_lookup() and inet6_lookup() functions do not match the order of
the parameters:

req->id.idiag_dport is passed to sport
req->id.idiag_sport is passed to dport

These are the function prototypes:

static inline struct sock *inet_lookup(struct net *net,
				       struct inet_hashinfo *hashinfo,
				       struct sk_buff *skb, int doff,
				       const __be32 saddr, const __be16 sport,
				       const __be32 daddr, const __be16 dport,
				       const int dif)

struct sock *inet6_lookup(struct net *net, struct inet_hashinfo *hashinfo,
			  struct sk_buff *skb, int doff,
			  const struct in6_addr *saddr, const __be16 sport,
			  const struct in6_addr *daddr, const __be16 dport,
			  const int dif)

My question here is if this is intentional?

In case it is not, I will send a patch to fix it. But first it would  
be great to hear any comment about it.

Thank you!
--
Gustavo A. R. Silva
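
Added example, not part of the original message and not kernel code: a toy model of how a call site that crosses src/dst over to saddr/daddr can be the consistent one when the two interfaces name a connection from opposite ends. It assumes the request's src/dst describe the socket's own local/remote ends and the lookup's saddr/daddr describe an incoming packet; all toy_* names and the sample addresses are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy model, not kernel code; host byte order for brevity. */
struct toy_sock {   /* a connected socket, seen from its owner */
    uint32_t local_addr, remote_addr;
    uint16_t local_port, remote_port;
};
struct toy_req {    /* assumption: src is the socket's local end */
    uint32_t src, dst;
    uint16_t sport, dport;
};

/* Constructed sample: local 10.0.0.1:22, remote 10.0.0.2:50000. */
static const struct toy_sock toy_table[] = {
    { .local_addr = 0x0a000001, .remote_addr = 0x0a000002,
      .local_port = 22, .remote_port = 50000 } };
static const struct toy_req toy_request = {
    .src = 0x0a000001, .dst = 0x0a000002, .sport = 22, .dport = 50000 };

/* Assumption: saddr/sport name the source of an incoming packet, i.e. the
 * socket's remote end; daddr/dport name the socket's local end. */
static const struct toy_sock *toy_lookup(uint32_t saddr, uint16_t sport,
                                         uint32_t daddr, uint16_t dport)
{
    for (size_t i = 0; i < sizeof toy_table / sizeof toy_table[0]; i++)
        if (toy_table[i].remote_addr == saddr && toy_table[i].remote_port == sport &&
            toy_table[i].local_addr == daddr && toy_table[i].local_port == dport)
            return &toy_table[i];
    return NULL;
}

/* Request fields crossed over: dst -> saddr, dport -> sport, and so on. */
static const struct toy_sock *find_crossed(const struct toy_req *r)
{
    return toy_lookup(r->dst, r->dport, r->src, r->sport);
}
/* Request fields lined up by name: src -> saddr, sport -> sport. */
static const struct toy_sock *find_by_name(const struct toy_req *r)
{
    return toy_lookup(r->src, r->sport, r->dst, r->dport);
}

int main(void)
{
    printf("crossed=%d by_name=%d\n", find_crossed(&toy_request) != NULL,
           find_by_name(&toy_request) != NULL);
    return 0;
}
```

Because all four port and address parameters share types, the compiler accepts either call order; only the documented meaning of each side's names tells which one is right.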







