| Message ID | 20210402201156.2789453-1-zenczykowski@gmail.com (mailing list archive) |
|---|---|
| State | Awaiting Upstream |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [netfilter] netfilter: xt_IDLETIMER: fix idletimer_tg_helper non-kosher casts | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | fail | Series targets non-next tree, but doesn't contain any Fixes tags |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for net |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | warning | 4 maintainers not CCed: davem@davemloft.net kadlec@netfilter.org coreteam@netfilter.org kuba@kernel.org |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 46 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
| netdev/header_inline | success | Link |
Maciej Żenczykowski <zenczykowski@gmail.com> wrote: > From: Maciej Żenczykowski <maze@google.com> > > The code is relying on the identical layout of the beginning > of the v0 and v1 structs, but this can easily lead to code bugs > if one were to try to extend this further... What is the concern? These structs are part of ABI, they cannot be changed.
> > The code is relying on the identical layout of the beginning > > of the v0 and v1 structs, but this can easily lead to code bugs > > if one were to try to extend this further... > > What is the concern? These structs are part of ABI, they > cannot be changed. That is a reasonable point, but there should have at *least* been a solid comment about why this sort of cast is safe.
diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c index 7b2f359bfce4..2b5e81f6e0bd 100644 --- a/net/netfilter/xt_IDLETIMER.c +++ b/net/netfilter/xt_IDLETIMER.c @@ -283,18 +283,19 @@ static unsigned int idletimer_tg_target_v1(struct sk_buff *skb, return XT_CONTINUE; } -static int idletimer_tg_helper(struct idletimer_tg_info *info) +static int idletimer_tg_helper(__u32 timeout, + char (*plabel)[MAX_IDLETIMER_LABEL_SIZE]) { - if (info->timeout == 0) { + if (timeout == 0) { pr_debug("timeout value is zero\n"); return -EINVAL; } - if (info->timeout >= INT_MAX / 1000) { + if (timeout >= INT_MAX / 1000) { pr_debug("timeout value is too big\n"); return -EINVAL; } - if (info->label[0] == '\0' || - strnlen(info->label, + if ((*plabel)[0] == '\0' || + strnlen(*plabel, MAX_IDLETIMER_LABEL_SIZE) == MAX_IDLETIMER_LABEL_SIZE) { pr_debug("label is empty or not nul-terminated\n"); return -EINVAL; @@ -310,9 +311,8 @@ static int idletimer_tg_checkentry(const struct xt_tgchk_param *par) pr_debug("checkentry targinfo%s\n", info->label); - ret = idletimer_tg_helper(info); - if(ret < 0) - { + ret = idletimer_tg_helper(info->timeout, &info->label); + if (ret < 0) { pr_debug("checkentry helper return invalid\n"); return -EINVAL; } @@ -349,9 +349,8 @@ static int idletimer_tg_checkentry_v1(const struct xt_tgchk_param *par) if (info->send_nl_msg) return -EOPNOTSUPP; - ret = idletimer_tg_helper((struct idletimer_tg_info *)info); - if(ret < 0) - { + ret = idletimer_tg_helper(info->timeout, &info->label); + if (ret < 0) { pr_debug("checkentry helper return invalid\n"); return -EINVAL; }