fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-28 22:40:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/libnm-platform
History
Thomas Haller 5740ed67cb
platform/netlink: don't reallocate ancillary data for recvmsg() on truncation 
Coverity thinks there is a problem here:

    Error: TAINTED_SCALAR (CWE-20): [#def233]
    NetworkManager-1.31.5/src/libnm-platform/nm-netlink.c:1437: tainted_argument: Calling function "recvmsg" taints argument "msg".
    NetworkManager-1.31.5/src/libnm-platform/nm-netlink.c:1458: tainted_data: Passing tainted expression "msg.msg_controllen" to "g_realloc", which uses it as an allocation size.
    NetworkManager-1.31.5/src/libnm-platform/nm-netlink.c:1458: remediation: Ensure that tainted values are properly sanitized, by checking that their values are within a permissible range.
    # 1456|
    # 1457|           msg.msg_controllen *= 2;
    # 1458|->         msg.msg_control = g_realloc(msg.msg_control, msg.msg_controllen);
    # 1459|           goto retry;
    # 1460|       }

but the problem is not the tainted data. The problem is how should
we handle MSG_CTRUNC? If we reach MSG_CTRUNC we already lost a message.
Retrying to receive the next message is not going to fix that and is
wrong.

Also, there really is no reason why any truncation should happen. The only
ancillary data that should be present is the sender information, and for
that our buffer is supposed to be large enough.

So, simply ignore truncation. It shouldn't happen, if it happened we
cannot recover from it (aside failing an assertion), and all we really
care are the retrieved credentials. If truncation happened, we might
not have retrieved the credentials, but then that is for the caller
to handle (by rejecting the message as untrusted).

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/872
2021-06-01 09:37:36 +02:00
..
tests build/meson: cleanup tests 2021-02-28 18:56:08 +01:00
wifi clang-format: reformat code with clang 12 2021-05-04 13:56:26 +02:00
wpan platform: move "platform/{wifi,wpan}/" to "src/libnm-platform/" 2021-03-05 11:27:15 +01:00
meson.build platform: move more platform code to src/libnm-platform/ 2021-03-05 11:27:16 +01:00
nm-linux-platform.c clang-format: reformat code with clang 12 2021-05-04 13:56:26 +02:00
nm-linux-platform.h platform: move more platform code to src/libnm-platform/ 2021-03-05 11:27:16 +01:00
nm-netlink.c platform/netlink: don't reallocate ancillary data for recvmsg() on truncation 2021-06-01 09:37:36 +02:00
nm-netlink.h build: move "shared/nm-std-aux" to "src/libnm-std-aux" 2021-02-24 12:48:24 +01:00
nm-platform-private.h platform: move more platform code to src/libnm-platform/ 2021-03-05 11:27:16 +01:00
nm-platform-utils.c ethtool: Introducing PAUSE support 2021-05-12 18:04:46 +02:00
nm-platform-utils.h ethtool: Introducing PAUSE support 2021-05-12 18:04:46 +02:00
nm-platform.c ethtool: Introducing PAUSE support 2021-05-12 18:04:46 +02:00
nm-platform.h ethtool: Introducing PAUSE support 2021-05-12 18:04:46 +02:00
nmp-base.h ethtool: Introducing PAUSE support 2021-05-12 18:04:46 +02:00
nmp-netns.c build: move "shared/nm-{glib-aux,log-null,log-core}" to "src/libnm-{glib-aux,log-null,log-core}" 2021-02-24 12:48:20 +01:00
nmp-netns.h build: move "shared/nm-platform" to "src/libnm-platform" 2021-02-24 12:48:17 +01:00
nmp-object.c trivial: fix coding style issue 2021-05-27 09:56:18 +02:00
nmp-object.h clang-format: reformat code with clang 12 2021-05-04 13:56:26 +02:00
nmp-rules-manager.c platform: move more platform code to src/libnm-platform/ 2021-03-05 11:27:16 +01:00
nmp-rules-manager.h platform: move more platform code to src/libnm-platform/ 2021-03-05 11:27:16 +01:00