[LTP] [PATCH] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[LTP] [PATCH] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[Xiao Yang]

socket() does not support IPPROTO_ICMP, and the ping_group_range file
does not exist in older kernels(e.g. RHEL5.11GA).  these supports are
introduced by:
'c319b4d("net: ipv4: add IPPROTO_ICMP socket kind")'

This case should get TCONF instead of TBROK, so we add check to fix it.

Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
---
 testcases/cve/cve-2017-2671.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/testcases/cve/cve-2017-2671.c b/testcases/cve/cve-2017-2671.c
index 2148512..86d12e6 100644
--- a/testcases/cve/cve-2017-2671.c
+++ b/testcases/cve/cve-2017-2671.c
@@ -37,6 +37,8 @@
  * enabled by default, root privileges are not required.
  */
 
+#include <errno.h>
+#include <unistd.h>
 #include <stdio.h>
 #include <sys/socket.h>
 #include <arpa/inet.h>
@@ -52,7 +54,7 @@
 #define PING_SYSCTL_PATH "/proc/sys/net/ipv4/ping_group_range"
 
 static int sockfd;
-static unsigned int ping_min_grp = 1, ping_max_grp;
+static unsigned int ping_min_grp, ping_max_grp;
 static struct tst_fzsync_pair fzsync_pair = TST_FZSYNC_PAIR_INIT;
 static struct sockaddr_in iaddr, uaddr;
 
@@ -64,17 +66,27 @@ static void setup(void)
 	uaddr.sin_family = AF_UNSPEC;
 	fzsync_pair.delay_inc = 1;
 
-	SAFE_FILE_SCANF(PING_SYSCTL_PATH, "%u %u",
-			&ping_min_grp, &ping_max_grp);
-	SAFE_FILE_PRINTF(PING_SYSCTL_PATH, "0 0");
+	if (!access(PING_SYSCTL_PATH, F_OK)) {
+		SAFE_FILE_SCANF(PING_SYSCTL_PATH, "%u %u",
+				&ping_min_grp, &ping_max_grp);
+		SAFE_FILE_PRINTF(PING_SYSCTL_PATH, "0 0");
+	}
 
-	sockfd = SAFE_SOCKET(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
+	sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP);
+	if (sockfd == -1) {
+		if (errno == EPROTONOSUPPORT) {
+			tst_brk(TCONF | TERRNO,
+				"socket() does not support IPPROTO_ICMP");
+		}
+		tst_brk(TBROK | TERRNO, "socket() failed");
+	}
 	tst_res(TINFO, "Created ping socket, attempting to race...");
 }
 
 static void cleanup(void)
 {
-	SAFE_CLOSE(sockfd);
+	if (sockfd > 0)
+		SAFE_CLOSE(sockfd);
 	if (ping_min_grp | ping_max_grp)
 		SAFE_FILE_PRINTF(PING_SYSCTL_PATH, "%u %u",
 				 ping_min_grp, ping_max_grp);
-- 
1.8.3.1

[LTP] [PATCH] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[Cyril Hrubis]

Hi!
> socket() does not support IPPROTO_ICMP, and the ping_group_range file
> does not exist in older kernels(e.g. RHEL5.11GA).  these supports are
> introduced by:
> 'c319b4d("net: ipv4: add IPPROTO_ICMP socket kind")'

Hm, the question is if there is a system that supports IPPROTO_ICMP
and where the ping_group_range file is missing. Does that even happen?

If not we should simplify this by exitting (tst_brk()) with TCONF if the
ping_group_range is missing instead of doing that later on
EPROTONOSUPPORT.

-- 
Cyril Hrubis
chrubis@suse.cz

[LTP] [PATCH] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[Xiao Yang]

On 2017/08/03 23:52, Cyril Hrubis wrote:
> Hi!
>> socket() does not support IPPROTO_ICMP, and the ping_group_range file
>> does not exist in older kernels(e.g. RHEL5.11GA).  these supports are
>> introduced by:
>> 'c319b4d("net: ipv4: add IPPROTO_ICMP socket kind")'
> Hm, the question is if there is a system that supports IPPROTO_ICMP
> and where the ping_group_range file is missing. Does that even happen?
>
> If not we should simplify this by exitting (tst_brk()) with TCONF if the
> ping_group_range is missing instead of doing that later on
> EPROTONOSUPPORT.
>
Hi Cyril,

Thanks for your comments.  I think there is not  a system that supports 
IPPROTO_ICMP
and where the ping_group_range file is missing.  I will  simplify it as 
you suggested.

Thanks,
Xiao Yang.

[LTP] [PATCH v2] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[Xiao Yang]

socket() does not support IPPROTO_ICMP, and where the ping_group_range
file is missing in older kernels(e.g. RHEL5.11GA).  these supports are
introduced by:
'c319b4d("net: ipv4: add IPPROTO_ICMP socket kind")'

This case should get TCONF if the ping_group_range is missing, so we
add check to fix it.

Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
---
 testcases/cve/cve-2017-2671.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/testcases/cve/cve-2017-2671.c b/testcases/cve/cve-2017-2671.c
index 2148512..77744db 100644
--- a/testcases/cve/cve-2017-2671.c
+++ b/testcases/cve/cve-2017-2671.c
@@ -37,6 +37,7 @@
  * enabled by default, root privileges are not required.
  */
 
+#include <unistd.h>
 #include <stdio.h>
 #include <sys/socket.h>
 #include <arpa/inet.h>
@@ -52,7 +53,7 @@
 #define PING_SYSCTL_PATH "/proc/sys/net/ipv4/ping_group_range"
 
 static int sockfd;
-static unsigned int ping_min_grp = 1, ping_max_grp;
+static unsigned int ping_min_grp, ping_max_grp;
 static struct tst_fzsync_pair fzsync_pair = TST_FZSYNC_PAIR_INIT;
 static struct sockaddr_in iaddr, uaddr;
 
@@ -64,6 +65,9 @@ static void setup(void)
 	uaddr.sin_family = AF_UNSPEC;
 	fzsync_pair.delay_inc = 1;
 
+	if (access(PING_SYSCTL_PATH, F_OK))
+		tst_brk(TCONF, "socket() does not support IPPROTO_ICMP");
+
 	SAFE_FILE_SCANF(PING_SYSCTL_PATH, "%u %u",
 			&ping_min_grp, &ping_max_grp);
 	SAFE_FILE_PRINTF(PING_SYSCTL_PATH, "0 0");
@@ -74,7 +78,8 @@ static void setup(void)
 
 static void cleanup(void)
 {
-	SAFE_CLOSE(sockfd);
+	if (sockfd > 0)
+		SAFE_CLOSE(sockfd);
 	if (ping_min_grp | ping_max_grp)
 		SAFE_FILE_PRINTF(PING_SYSCTL_PATH, "%u %u",
 				 ping_min_grp, ping_max_grp);
-- 
1.8.3.1

[LTP] [PATCH v2] cve/cve-2017-2671.c: check if socket() supports IPPROTO_ICMP

[Cyril Hrubis]

Hi!
Pushed, thanks.

-- 
Cyril Hrubis
chrubis@suse.cz