lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <B1BDF08B4A5F7B4A9F894A239CD487B39B41EBBA@dggeml505-mbx.china.huawei.com>
Date:   Sat, 27 Oct 2018 01:34:25 +0000
From:   Suoben <suoben@...wei.com>
To:     Stephen Hemminger <stephen@...workplumber.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     "Wencongyang (UVP)" <wencongyang2@...wei.com>,
        sangxu <sangxu@...wei.com>, guijianfeng <guijianfeng@...wei.com>,
        "Wanghui (John)" <john.wanghui@...wei.com>,
        "chenminhua (A)" <chenminhua1@...wei.com>
Subject: [Bug?] ss command display unix domain port overflow


> Dear all,
> 
> When l use ss command to display unix domain socket, the ss shows as below, the local address port and peer address port may overflow which looks like equal to the socket fd inode .
> 
> /**********
> # ss –apx
> Netid  State      Recv-Q Send-Q     Local Address:Port                                                                      Peer Address:Port
> u_str  ESTAB      0      0         /var/run/libvirt/libvirt-sock -1351067523                                                    * -1351073721           users:(("libvirtd",pid=2295,fd=39))
> u_str  ESTAB      0      0         /var/run/libvirt/libvirt-sock -1351121518                                                    * -1351223988           users:(("libvirtd",pid=2295,fd=21))
> u_str  ESTAB      0      0         /var/run/libvirt/libvirt-sock -1351245849                                                    * -1351128250           users:(("libvirtd",pid=2295,fd=40))
> u_str  ESTAB      0      0         /var/run/libvirt/libvirt-sock -1351042552                                                    * -1351050742           users:(("libvirtd",pid=2295,fd=51))
> 
> #ll /proc/2295/fd/51
> lrwx------ 1 root root 64 Oct 10 10:34 51 -> socket:[2943924744]
> 
> **********/
> 
> When I read the iproute source code., I find that the ‘lport’ and 
> ‘rport’ was defined as type ‘int’ in ‘struct sockstat’, which I think 
> should be ‘unsigned int’, also the ‘fd’ in ‘struct user_ent’ should 
> be.  And,
> 
> when printing the port, In function ‘static const char 
> *resolve_service(int port)’ uses “%u” to print tcp port, however, in 
> function ‘static void unix_stats_print(struct sockstat *s, struct 
> filter *f)’ uses “%d” to
> 
> print port when showing unix info, what is the problem I think.
> 
> Can you tell me if there are some reasons by using the type ‘int’ to define the port? Or is it a bug? Can I use “%u” to print the port when showing the unix socket info?
> 
> /**********
> static void unix_stats_print(struct sockstat *s, struct filter *f) {
>          char port_name[30] = {};
> 
>          sock_state_print(s);
> 
>          sock_addr_print(s->name ?: "*", " ",
>                             int_to_str(s->lport, port_name), NULL);
>          sock_addr_print(s->peer_name ?: "*", " ",
>                             int_to_str(s->rport, port_name), NULL);
> 
>          proc_ctx_print(s);
> }
> **********/
> 
> 
> Best regards,
> SangXu

Please  report problems to netdev@...r.kernel.org.
Yes, it looks like a bug.

Download attachment "0001-ss-Use-u-to-print-port-when-show-unix-socket.patch" of type "application/octet-stream" (1539 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ