{"id":808813,"url":"http://patchwork.ozlabs.org/api/1.0/patches/808813/?format=json","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/1.0/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<b54be39a6f4688613fba5f0b7a1dcad245149b20.1504283683.git.mkubecek@suse.cz>","date":"2017-09-01T16:39:11","name":"[iproute2,1/2] iplink: check for message truncation in iplink_get()","commit_ref":null,"pull_url":null,"state":"accepted","archived":true,"hash":"087448eb6072b316bccdf73175aebf348e663ca0","submitter":{"id":11892,"url":"http://patchwork.ozlabs.org/api/1.0/people/11892/?format=json","name":"Michal Kubecek","email":"mkubecek@suse.cz"},"delegate":{"id":389,"url":"http://patchwork.ozlabs.org/api/1.0/users/389/?format=json","username":"shemminger","first_name":"stephen","last_name":"hemminger","email":"shemminger@vyatta.com"},"mbox":"http://patchwork.ozlabs.org/project/netdev/patch/b54be39a6f4688613fba5f0b7a1dcad245149b20.1504283683.git.mkubecek@suse.cz/mbox/","series":[{"id":1074,"url":"http://patchwork.ozlabs.org/api/1.0/series/1074/?format=json","date":"2017-09-01T16:39:16","name":"fix \"ip link show dev ...\" for NICs with many VFs","version":1,"mbox":"http://patchwork.ozlabs.org/series/1074/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/808813/checks/","tags":{},"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xkQ2J3Dk8z9t2x\n\tfor <patchwork-incoming@ozlabs.org>;\n\tSat,  2 Sep 2017 02:39:52 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1752193AbdIAQjQ (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tFri, 1 Sep 2017 12:39:16 -0400","from mx2.suse.de ([195.135.220.15]:38399 \"EHLO mx1.suse.de\"\n\trhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP\n\tid S1751998AbdIAQjN (ORCPT <rfc822;netdev@vger.kernel.org>);\n\tFri, 1 Sep 2017 12:39:13 -0400","from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])\n\tby mx1.suse.de (Postfix) with ESMTP id F1934AE7C;\n\tFri,  1 Sep 2017 16:39:11 +0000 (UTC)","by unicorn.suse.cz (Postfix, from userid 1000)\n\tid 9F840A0F21; Fri,  1 Sep 2017 18:39:11 +0200 (CEST)"],"X-Virus-Scanned":"by amavisd-new at test-mx.suse.de","Message-Id":"<b54be39a6f4688613fba5f0b7a1dcad245149b20.1504283683.git.mkubecek@suse.cz>","In-Reply-To":"<cover.1504283683.git.mkubecek@suse.cz>","References":"<cover.1504283683.git.mkubecek@suse.cz>","From":"Michal Kubecek <mkubecek@suse.cz>","Subject":"[PATCH iproute2 1/2] iplink: check for message truncation in\n\tiplink_get()","To":"Stephen Hemminger <stephen@networkplumber.org>","Cc":"netdev@vger.kernel.org, linux-kernel@vger.kernel.org","Date":"Fri,  1 Sep 2017 18:39:11 +0200 (CEST)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"If message length exceeds maxlen argument of rtnl_talk(), it is truncated\nto maxlen but unlike in the case of truncation to the length of local\nbuffer in rtnl_talk(), the caller doesn't get any indication of a problem.\n\nIn particular, iplink_get() passes the truncated message on and parsing it\nresults in various warnings and sometimes even a segfault (observed with\n\"ip link show dev ...\" for a NIC with 125 VFs).\n\nHandle message truncation in iplink_get() the same way as truncation in\nrtnl_talk() would be handled: return an error.\n\nSigned-off-by: Michal Kubecek <mkubecek@suse.cz>\n---\n ip/iplink.c | 5 +++++\n 1 file changed, 5 insertions(+)","diff":"diff --git a/ip/iplink.c b/ip/iplink.c\nindex 5aff2fde38da..790e3a138bb0 100644\n--- a/ip/iplink.c\n+++ b/ip/iplink.c\n@@ -1040,6 +1040,11 @@ int iplink_get(unsigned int flags, char *name, __u32 filt_mask)\n \n \tif (rtnl_talk(&rth, &req.n, &answer.n, sizeof(answer)) < 0)\n \t\treturn -2;\n+\tif (answer.n.nlmsg_len > sizeof(answer.buf)) {\n+\t\tfprintf(stderr, \"Message truncated from %u to %lu\\n\",\n+\t\t\tanswer.n.nlmsg_len, sizeof(answer.buf));\n+\t\treturn -2;\n+\t}\n \n \tif (brief)\n \t\tprint_linkinfo_brief(NULL, &answer.n, stdout, NULL);\n","prefixes":["iproute2","1/2"]}