From: Carlos O'Donell
Organization: Red Hat
To: Siddhesh Poyarekar, Arjun Shankar, libc-alpha@sourceware.org
Subject: Re: [PATCH v4] socket: Check lengths before advancing pointer in CMSG_NXTHDR
Date: Fri, 29 Jul 2022 12:43:01 -0400
Message-ID: <4631785f-d873-bdf7-c315-b673f15c55ff@redhat.com>
References: <20220729132637.1693027-1-arjun@redhat.com>

On 7/29/22 12:40, Siddhesh Poyarekar wrote:
> On 2022-07-29 09:26, Arjun Shankar wrote:
>> The inline and library functions that the CMSG_NXTHDR macro may expand
>> to increment the pointer to the header before checking the stride of
>> the increment against available space.  Since C only allows incrementing
>> pointers to one past the end of an array, the increment must be done
>> after a length check.  This commit fixes that and includes a regression
>> test for CMSG_FIRSTHDR and CMSG_NXTHDR.
>>
>> The Linux, Hurd, and generic headers are all changed.
>>
>> Tested on Linux on armv7hl, i686, x86_64, aarch64, ppc64le, and s390x.
>>
>> [BZ #28846]
>> ---
>> v3: https://sourceware.org/pipermail/libc-alpha/2022-July/140854.html
>>
>> Notes on v4:
>>
>> * Addressed review comments from Siddhesh:
>>
>> 1. (sizeof (struct cmsghdr) + __CMSG_PADDING (cmsg_len)):
>>     defined as size_needed.
>>
>> 2.
>>> OK, but I wonder if there's utility in making the padding a generic
>>> macro, e.g.
>>
>>> #define ALIGN_PADDING(n, a) ((a - (n & (a - 1))) & (a - 1))
>>
>> This sounds useful, and actually it would be great to move *all* of the
>> duplicate code between these versions into a separate file and include it
>> in these variants.  I'll try to do a follow-up with this soon. I'm going to
>> note it down in my TODO.
>>
>> 3.
>>> __msg_control_ptr doesn't really need the __ since it's a local variable.
>>
>> I thought so too.  But Florian pointed out that it would interfere with
>> things like users #define'ing msg_control_ptr before including socket.h.
>> ---
>>   bits/socket.h                         | 40 ++++++++++--
>>   socket/Makefile                       |  1 +
>>   socket/tst-cmsghdr-skeleton.c         | 92 +++++++++++++++++++++++++++
>>   socket/tst-cmsghdr.c                  | 56 ++++++++++++++++
>>   sysdeps/mach/hurd/bits/socket.h       | 40 ++++++++++--
>>   sysdeps/unix/sysv/linux/bits/socket.h | 40 ++++++++++--
>>   sysdeps/unix/sysv/linux/cmsg_nxthdr.c | 36 ++++++++---
>>   7 files changed, 276 insertions(+), 29 deletions(-)
>>   create mode 100644 socket/tst-cmsghdr-skeleton.c
>>   create mode 100644 socket/tst-cmsghdr.c
>
> LGTM.
>
> Reviewed-by: Siddhesh Poyarekar

Just a reminder that the branch is frozen for glibc 2.36 release.

This is good for 2.37 when it opens.

--
Cheers,
Carlos.
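
The check-before-advance rule from the quoted commit message, as an added example that is not part of this thread or of the glibc patch. `next_hdr_checked` and `walk_sample` are hypothetical names, the 64-byte control buffer is constructed, and header alignment to `sizeof (size_t)` is an assumption.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>

/* Padding that rounds n up to a multiple of a (a power of two), in the
   generic form suggested in the review.  */
#define ALIGN_PADDING(n, a) (((a) - ((n) & ((a) - 1))) & ((a) - 1))

/* Hypothetical helper, not glibc's code.  Returns the header after cmsg, or
   NULL.  Every bound is checked as an integer before a pointer past cmsg
   is formed.  Assumes cmsg itself lies inside the control buffer and that
   headers are aligned to sizeof (size_t).  */
struct cmsghdr *
next_hdr_checked (const struct msghdr *mhdr, struct cmsghdr *cmsg)
{
  unsigned char *base = mhdr->msg_control;
  size_t remaining = (size_t) mhdr->msg_controllen
                     - (size_t) ((unsigned char *) cmsg - base);
  size_t len = cmsg->cmsg_len;          /* untrusted until checked */
  size_t pad = ALIGN_PADDING (len, sizeof (size_t));
  size_t size_needed = sizeof (struct cmsghdr) + pad;

  if (len < sizeof (struct cmsghdr))    /* too short to be a header */
    return NULL;
  /* Room is needed for this message, its padding and one more header.  */
  if (remaining < size_needed || remaining - size_needed < len)
    return NULL;
  return (struct cmsghdr *) ((unsigned char *) cmsg + len + pad);
}

/* Constructed sample: a zeroed control buffer of buflen bytes (at most 64)
   whose first header claims first_len bytes.  Returns the number of
   headers the walk visits.  */
int
walk_sample (size_t buflen, size_t first_len)
{
  static union { unsigned char bytes[64]; struct cmsghdr hdr; } ctl;
  struct msghdr mh;
  int n = 0;

  memset (&ctl, 0, sizeof ctl);
  memset (&mh, 0, sizeof mh);
  ctl.hdr.cmsg_len = first_len;
  mh.msg_control = ctl.bytes;
  mh.msg_controllen = buflen;
  for (struct cmsghdr *c = &ctl.hdr; c != NULL; c = next_hdr_checked (&mh, c))
    n++;
  return n;
}
```

The walk reaches a second header only when the buffer holds the first message, its padding and a full following header; one byte less, or a `cmsg_len` near `SIZE_MAX`, stops it at the first header without computing an out-of-range pointer.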