fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-01 07:10:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/platform
History
Dan Williams 45c7adb309 platform: don't read past end of address array (bgo #742937) 
The address might be zero-size, and therefore nl_addr_get_binary_addr()
returns a pointer to a zero-size array.  We don't want to read past the
end of that array.  Since zero-size addresses really mean an address
of all zeros, just make that happen.

As an additional optimization, if the prefix length is zero, the whole
address is host bits and should be cleared.

==30286== Invalid read of size 4
==30286==    at 0x478090: clear_host_address (nm-linux-platform.c:3786)
==30286==    by 0x4784D4: route_search_cache (nm-linux-platform.c:3883)
==30286==    by 0x4785A1: refresh_route (nm-linux-platform.c:3901)
==30286==    by 0x4787B6: ip4_route_delete (nm-linux-platform.c:3978)
==30286==    by 0x47F674: nm_platform_ip4_route_delete (nm-platform.c:1980)
==30286==    by 0x4B279D: _v4_platform_route_delete_default (nm-default-route-manager.c:1122)
==30286==    by 0x4AEF03: _platform_route_sync_flush (nm-default-route-manager.c:320)
==30286==    by 0x4B043E: _resync_all (nm-default-route-manager.c:574)
==30286==    by 0x4B0CA7: _entry_at_idx_remove (nm-default-route-manager.c:631)
==30286==    by 0x4B1A66: _ipx_update_default_route (nm-default-route-manager.c:806)
==30286==    by 0x4B1A9C: nm_default_route_manager_ip4_update_default_route (nm-default-route-manager.c:813)
==30286==    by 0x45C3BC: _cleanup_generic_post (nm-device.c:7143)
==30286==  Address 0xee33514 is 0 bytes after a block of size 20 alloc'd
==30286==    at 0x4C2C080: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30286==    by 0x6B2B0B1: nl_addr_alloc (in /usr/lib/libnl-3.so.200.20.0)
==30286==    by 0x6B2B0E3: nl_addr_build (in /usr/lib/libnl-3.so.200.20.0)
==30286==    by 0x6B2B181: nl_addr_clone (in /usr/lib/libnl-3.so.200.20.0)
==30286==    by 0x66DB0D7: ??? (in /usr/lib/libnl-route-3.so.200.20.0)
==30286==    by 0x6B33CE6: nl_object_clone (in /usr/lib/libnl-3.so.200.20.0)
==30286==    by 0x6B2D303: nl_cache_add (in /usr/lib/libnl-3.so.200.20.0)
==30286==    by 0x472E55: refresh_object (nm-linux-platform.c:1735)
==30286==    by 0x473137: add_object (nm-linux-platform.c:1795)
==30286==    by 0x478373: ip4_route_add (nm-linux-platform.c:3846)
==30286==    by 0x47F375: nm_platform_ip4_route_add (nm-platform.c:1939)
==30286==    by 0x4AEC06: _platform_route_sync_add (nm-default-route-manager.c:254)

https://bugzilla.gnome.org/show_bug.cgi?id=742937
(cherry picked from commit d2871089a8)
2015-01-15 11:09:29 -06:00
..
tests platform: suppress change event when deleting IPv4 route with metric 0 2015-01-12 22:08:42 +01:00
wifi wifi: don't query nl80211 for non-WiFi devices (bgo #740131) 2014-11-17 09:45:08 -06:00
Makefile.am platform: add minimal Makefile.am for convenience 2013-06-19 13:48:29 +02:00
nm-fake-platform.c platform/tests: fix errors in fake platform handling route metrics 2015-01-12 22:08:42 +01:00
nm-fake-platform.h all: fix up multiple-include-guard defines 2014-08-16 10:17:14 -04:00
nm-linux-platform.c platform: don't read past end of address array (bgo #742937) 2015-01-15 11:09:29 -06:00
nm-linux-platform.h all: fix up multiple-include-guard defines 2014-08-16 10:17:14 -04:00
nm-platform.c platform: avoid conflicts when reinstalling the device-route 2014-12-11 10:07:00 +01:00
nm-platform.h platform: suppress change event when deleting IPv4 route with metric 0 2015-01-12 22:08:42 +01:00