From patchwork Tue Mar 9 15:45:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1449962 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4Dw01g0XJ7z9sRR for ; Wed, 10 Mar 2021 02:46:31 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231571AbhCIPp7 (ORCPT ); Tue, 9 Mar 2021 10:45:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46960 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231761AbhCIPpa (ORCPT ); Tue, 9 Mar 2021 10:45:30 -0500 Received: from orbyte.nwl.cc (orbyte.nwl.cc [IPv6:2001:41d0:e:133a::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 928EDC06174A for ; Tue, 9 Mar 2021 07:45:29 -0800 (PST) Received: from localhost ([::1]:56638 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.94) (envelope-from ) id 1lJeY1-00016D-IJ; Tue, 09 Mar 2021 16:45:25 +0100 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [libnftnl PATCH 01/10] expr: Fix snprintf buffer length updates Date: Tue, 9 Mar 2021 16:45:07 +0100 Message-Id: <20210309154516.4987-2-phil@nwl.cc> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210309154516.4987-1-phil@nwl.cc> References: <20210309154516.4987-1-phil@nwl.cc> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Subsequent calls to snprintf() sometimes reuse 'len' variable although they should refer to the updated value in 'remain' instead. Fixes: 676ea569bbe5a ("src: Change parameters of SNPRINTF_BUFFER_SIZE macro.") Signed-off-by: Phil Sutter --- src/expr/ct.c | 2 +- src/expr/dup.c | 4 ++-- src/expr/queue.c | 12 ++++++------ src/expr/redir.c | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/expr/ct.c b/src/expr/ct.c index 124de9dd2b33a..1a21c953c9be2 100644 --- a/src/expr/ct.c +++ b/src/expr/ct.c @@ -230,7 +230,7 @@ nftnl_expr_ct_snprintf_default(char *buf, size_t size, struct nftnl_expr_ct *ct = nftnl_expr_data(e); if (e->flags & (1 << NFTNL_EXPR_CT_SREG)) { - ret = snprintf(buf, size, "set %s with reg %u ", + ret = snprintf(buf, remain, "set %s with reg %u ", ctkey2str(ct->key), ct->sreg); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } diff --git a/src/expr/dup.c b/src/expr/dup.c index ac398394aed06..7a3ee96361644 100644 --- a/src/expr/dup.c +++ b/src/expr/dup.c @@ -119,12 +119,12 @@ static int nftnl_expr_dup_snprintf_default(char *buf, size_t len, struct nftnl_expr_dup *dup = nftnl_expr_data(e); if (e->flags & (1 << NFTNL_EXPR_DUP_SREG_ADDR)) { - ret = snprintf(buf + offset, len, "sreg_addr %u ", dup->sreg_addr); + ret = snprintf(buf + offset, remain, "sreg_addr %u ", dup->sreg_addr); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (e->flags & (1 << NFTNL_EXPR_DUP_SREG_DEV)) { - ret = snprintf(buf + offset, len, "sreg_dev %u ", dup->sreg_dev); + ret = snprintf(buf + offset, remain, "sreg_dev %u ", dup->sreg_dev); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } diff --git a/src/expr/queue.c b/src/expr/queue.c index 051ef71e72fdb..b892b57bc4897 100644 --- a/src/expr/queue.c +++ b/src/expr/queue.c @@ -153,31 +153,31 @@ static int nftnl_expr_queue_snprintf_default(char *buf, size_t len, if (e->flags & (1 << NFTNL_EXPR_QUEUE_NUM)) { total_queues = queue->queuenum + queue->queues_total - 1; - ret = snprintf(buf + offset, len, "num %u", queue->queuenum); + ret = snprintf(buf + offset, remain, "num %u", queue->queuenum); SNPRINTF_BUFFER_SIZE(ret, remain, offset); if (queue->queues_total && total_queues != queue->queuenum) { - ret = snprintf(buf + offset, len, "-%u", total_queues); + ret = snprintf(buf + offset, remain, "-%u", total_queues); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } - ret = snprintf(buf + offset, len, " "); + ret = snprintf(buf + offset, remain, " "); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (e->flags & (1 << NFTNL_EXPR_QUEUE_SREG_QNUM)) { - ret = snprintf(buf + offset, len, "sreg_qnum %u ", + ret = snprintf(buf + offset, remain, "sreg_qnum %u ", queue->sreg_qnum); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (e->flags & (1 << NFTNL_EXPR_QUEUE_FLAGS)) { if (queue->flags & (NFT_QUEUE_FLAG_BYPASS)) { - ret = snprintf(buf + offset, len, "bypass "); + ret = snprintf(buf + offset, remain, "bypass "); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (queue->flags & (NFT_QUEUE_FLAG_CPU_FANOUT)) { - ret = snprintf(buf + offset, len, "fanout "); + ret = snprintf(buf + offset, remain, "fanout "); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } } diff --git a/src/expr/redir.c b/src/expr/redir.c index 477659a320db1..c00c2a6ddf3cf 100644 --- a/src/expr/redir.c +++ b/src/expr/redir.c @@ -138,19 +138,19 @@ static int nftnl_expr_redir_snprintf_default(char *buf, size_t len, struct nftnl_expr_redir *redir = nftnl_expr_data(e); if (nftnl_expr_is_set(e, NFTNL_EXPR_REDIR_REG_PROTO_MIN)) { - ret = snprintf(buf + offset, len, "proto_min reg %u ", + ret = snprintf(buf + offset, remain, "proto_min reg %u ", redir->sreg_proto_min); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (nftnl_expr_is_set(e, NFTNL_EXPR_REDIR_REG_PROTO_MAX)) { - ret = snprintf(buf + offset, len, "proto_max reg %u ", + ret = snprintf(buf + offset, remain, "proto_max reg %u ", redir->sreg_proto_max); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } if (nftnl_expr_is_set(e, NFTNL_EXPR_REDIR_FLAGS)) { - ret = snprintf(buf + offset, len, "flags 0x%x ", + ret = snprintf(buf + offset, remain, "flags 0x%x ", redir->flags); SNPRINTF_BUFFER_SIZE(ret, remain, offset); }