lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZeHLFNX7f5x1M10/@grappa.linbit>
Date: Fri, 1 Mar 2024 13:33:24 +0100
From: Lars Ellenberg <lars.ellenberg@...bit.com>
To: netdev@...r.kernel.org
Subject: [PATCH] ss: fix output of MD5 signature keys configured on TCP
 sockets

da9cc6ab introduced printing of MD5 signature keys when found.
But when changing printf() to out() calls with 90351722,
the implicit printf call in print_escape_buf() was overlooked.
That results in a funny output in the first line:
"<all-your-tcp-signature-keys-concatenated>State"
and ambiguity as to which of those bytes belong to which socket.

Add a static void out_escape_buf() immediately before we use it.

da9cc6ab (ss: print MD5 signature keys configured on TCP sockets, 2017-10-06)
90351722 (ss: Replace printf() calls for "main" output by calls to helper, 2017-12-12)

Signed-off-by: Lars Ellenberg <lars.ellenberg@...bit.com>
---
 misc/ss.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/misc/ss.c b/misc/ss.c
index 5296cabe..fb560a55 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -24,6 +24,7 @@
 #include <stdbool.h>
 #include <limits.h>
 #include <stdarg.h>
+#include <ctype.h>
 
 #include "ss_util.h"
 #include "utils.h"
@@ -2891,6 +2892,20 @@ static void print_skmeminfo(struct rtattr *tb[], int attrtype)
 	out(")");
 }
 
+/* like lib/utils.c print_escape_buf(), but use out(), not printf()! */
+static void out_escape_buf(const __u8 *buf, size_t len, const char *escape)
+{
+	size_t i;
+
+	for (i = 0; i < len; ++i) {
+		if (isprint(buf[i]) && buf[i] != '\\' &&
+		    !strchr(escape, buf[i]))
+			out("%c", buf[i]);
+		else
+			out("\\%03o", buf[i]);
+	}
+}
+
 static void print_md5sig(struct tcp_diag_md5sig *sig)
 {
 	out("%s/%d=",
@@ -2898,7 +2913,7 @@ static void print_md5sig(struct tcp_diag_md5sig *sig)
 			sig->tcpm_family == AF_INET6 ? 16 : 4,
 			&sig->tcpm_addr),
 	    sig->tcpm_prefixlen);
-	print_escape_buf(sig->tcpm_key, sig->tcpm_keylen, " ,");
+	out_escape_buf(sig->tcpm_key, sig->tcpm_keylen, " ,");
 }
 
 static void tcp_tls_version(struct rtattr *attr)
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ