
[iproute2,v2] ss: Fix allocation of cong control alg name

Message ID 1432922994-13735-1-git-send-email-vadim4j@gmail.com
State Superseded, archived
Delegated to: stephen hemminger

Commit Message

Vadym Kochan May 29, 2015, 6:09 p.m. UTC
From: Vadim Kochan <vadim4j@gmail.com>

Use a 16-char array for the congestion control algorithm name instead of a malloc'd buffer.

Fixes: 8250bc9ff4e5 ("ss: Unify inet sockets output")
Reported-by: Jose R. Guzman Mosqueda <jose.r.guzman.mosqueda@intel.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
---
v2:
   Used 16 byte array for cong alg name instead of malloc
   	suggested by Eric Dumazet <eric.dumazet@gmail.com>

 misc/ss.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

Comments

Stephen Hemminger May 29, 2015, 10:02 p.m. UTC | #1
On Fri, 29 May 2015 21:09:54 +0300
Vadim Kochan <vadim4j@gmail.com> wrote:

> From: Vadim Kochan <vadim4j@gmail.com>
> 
> Used 16 char array for cong alg name instead of malloc.
> 
> Fixes: 8250bc9ff4e5 ("ss: Unify inet sockets output")
> Reported-by: Jose R. Guzman Mosqueda <jose.r.guzman.mosqueda@intel.com>
> Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
> ---
> v2:
>    Used 16 byte array for cong alg name instead of malloc
>    	suggested by Eric Dumazet <eric.dumazet@gmail.com>
> 
>  misc/ss.c | 12 +++++-------
>  1 file changed, 5 insertions(+), 7 deletions(-)
> 
> diff --git a/misc/ss.c b/misc/ss.c
> index 347e3a1..0bab8a2 100644
> --- a/misc/ss.c
> +++ b/misc/ss.c
> @@ -755,7 +755,7 @@ struct tcpstat
>  	int		    timer;
>  	int		    timeout;
>  	int		    probes;
> -	char		    *cong_alg;
> +	char		    cong_alg[16];
>  	double		    rto, ato, rtt, rttvar;
>  	int		    qack, cwnd, ssthresh, backoff;
>  	double		    send_bps;
> @@ -1664,7 +1664,7 @@ static void tcp_stats_print(struct tcpstat *s)
>  		printf(" ecnseen");
>  	if (s->has_fastopen_opt)
>  		printf(" fastopen");
> -	if (s->cong_alg)
> +	if (s->cong_alg[0])
>  		printf(" %s", s->cong_alg);
>  	if (s->has_wscale_opt)
>  		printf(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
> @@ -1907,9 +1907,9 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>  		}
>  
>  		if (tb[INET_DIAG_CONG]) {
> -			const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
> -			s.cong_alg = malloc(strlen(cong_attr + 1));
> -			strcpy(s.cong_alg, cong_attr);
> +			strncpy(s.cong_alg,
> +					rta_getattr_str(tb[INET_DIAG_CONG]),
> +					sizeof(s.cong_alg) - 1);
>  		}
>  
>  		if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
> @@ -1984,8 +1984,6 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>  		tcp_stats_print(&s);
>  		if (s.dctcp)
>  			free(s.dctcp);
> -		if (s.cong_alg)
> -			free(s.cong_alg);
>  	}
>  }
>  

Why not use strdupa? It handles arbitrary size?
Eric Dumazet May 29, 2015, 10:37 p.m. UTC | #2
On Fri, 2015-05-29 at 15:02 -0700, Stephen Hemminger wrote:


> Why not use strdupa? I handles arbitrary size?

I doubt this will please security guys.

RETURN VALUE
       The alloca() function returns a pointer to the beginning of the
allocated space.  If the allocation causes stack overflow, program
behavior is undefined.


Could we please stick with this 16 bytes value ?

I am confident we won't increase kernel side because of various backward
compatibility issues anyway.




Patch

diff --git a/misc/ss.c b/misc/ss.c
index 347e3a1..0bab8a2 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -755,7 +755,7 @@  struct tcpstat
 	int		    timer;
 	int		    timeout;
 	int		    probes;
-	char		    *cong_alg;
+	char		    cong_alg[16];
 	double		    rto, ato, rtt, rttvar;
 	int		    qack, cwnd, ssthresh, backoff;
 	double		    send_bps;
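Review bot: The bare `16` in `char cong_alg[16];` carries no explanation of where the size comes from. Going by the thread it presumably mirrors the kernel's congestion-control name limit (TCP_CA_NAME_MAX, 16 bytes including the terminator). A comment such as `/* kernel name limit (TCP_CA_NAME_MAX), including the NUL */` or a named constant would keep the field size and the copy bound in tcp_show_info tied together. struct tcpstat starts and ends outside the hunk.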
@@ -1664,7 +1664,7 @@  static void tcp_stats_print(struct tcpstat *s)
 		printf(" ecnseen");
 	if (s->has_fastopen_opt)
 		printf(" fastopen");
-	if (s->cong_alg)
+	if (s->cong_alg[0])
 		printf(" %s", s->cong_alg);
 	if (s->has_wscale_opt)
 		printf(" wscale:%d,%d", s->snd_wscale, s->rcv_wscale);
@@ -1907,9 +1907,9 @@  static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
 		}
 
 		if (tb[INET_DIAG_CONG]) {
-			const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
-			s.cong_alg = malloc(strlen(cong_attr + 1));
-			strcpy(s.cong_alg, cong_attr);
+			strncpy(s.cong_alg,
+					rta_getattr_str(tb[INET_DIAG_CONG]),
+					sizeof(s.cong_alg) - 1);
 		}
 
 		if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
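Review bot: The `strncpy()` in the `INET_DIAG_CONG` branch never writes a terminator when the attribute holds 15 or more characters, so `cong_alg` is NUL-terminated only if `s` was zero-filled before this point, which the hunk does not show. The `printf(" %s", s->cong_alg)` in tcp_stats_print depends on that terminator, and the string comes from a netlink attribute, so the bound is better stated than implied. Either add `s.cong_alg[sizeof(s.cong_alg) - 1] = '\0';` after the copy, or replace the copy with `snprintf(s.cong_alg, sizeof(s.cong_alg), "%s", rta_getattr_str(tb[INET_DIAG_CONG]));`. A longer name is truncated silently either way. tcp_show_info starts and ends outside the hunk.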
@@ -1984,8 +1984,6 @@  static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
 		tcp_stats_print(&s);
 		if (s.dctcp)
 			free(s.dctcp);
-		if (s.cong_alg)
-			free(s.cong_alg);
 	}
 }