Fix Linux 6.5 support to avoid fortify panic #948
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fortify was detecting "buffer overflow in strcpy" in tc_configure() where a string is copied into a TCA_KIND attribute. The nlreq object has sufficient space with a 100 character buffer but the attribute pointer is set to &nlreq.hdr which has a fixed sized. By changing the pointer to &nlreq, fortify is able to see the extra bytes and not panic. Also remove a duplicate strcpy() in netmap_sink_init().
|
thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello,
I believe this patch is a fix for issue #937 where fortify causes a panic in
tc_configure()due to a "detected buffer overflow in strcpy". Thenlattr *is set to&nlreq.hdrwhich has a fixed size causing the overflow. By settingnlattr *to&nlreqinstead, the code sees the 100 bytebufspace and does not panic. I tested this on kernel 6.5.0-21 and verified theqdiscname was properly set by usingtc. With the fix I could runpkt-genon multiple emulated netmap interfaces without seeing a panic.While here I removed a duplicate
strcpy()innetmap_sink_init(). I assumed "nmsink" is preferred to "nmsink%d".