[PATCH 1/4] genl: Sanitize incoming family name string

[PATCH 1/4] genl: Sanitize incoming family name string

[Mat Martineau]

[-- Attachment #1: Type: text/plain, Size: 618 bytes --]

The null terminated name must fit in a system-defined fixed-size buffer.
---
 ell/genl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ell/genl.c b/ell/genl.c
index 0ab6c98..d9f8af3 100644
--- a/ell/genl.c
+++ b/ell/genl.c
@@ -1079,7 +1079,8 @@ LIB_EXPORT struct l_genl_family *l_genl_family_new(struct l_genl *genl,
 	struct l_genl_family *family;
 	struct l_genl_msg *msg;
 
-	if (unlikely(!genl) || unlikely(!name))
+	if (unlikely(!genl) || unlikely(!name) ||
+		unlikely(strlen(name) >= GENL_NAMSIZ))
 		return NULL;
 
 	family = family_alloc(genl, name);
-- 
2.14.1

[PATCH 2/4] unit: Separate tests for different kinds of invalid genl names

[Mat Martineau]

[-- Attachment #1: Type: text/plain, Size: 1450 bytes --]

Long names now fail earlier and require a different test.
---
 unit/test-genl.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/unit/test-genl.c b/unit/test-genl.c
index db6d917..a381e25 100644
--- a/unit/test-genl.c
+++ b/unit/test-genl.c
@@ -92,7 +92,7 @@ static bool prep_family_vanished(struct l_genl *genl,
 	 * Use a bogus family name to trigger the vanished watch to
 	 * be called during the ELL event loop run.
 	 */
-	static const char BOGUS_GENL_NAME[] = "bogus_genl_family";
+	static const char BOGUS_GENL_NAME[] = "bogusgenlfamily";
 
 	data->vanished_family = l_genl_family_new(genl, BOGUS_GENL_NAME);
 	return l_genl_family_set_watches(data->vanished_family,
@@ -100,6 +100,15 @@ static bool prep_family_vanished(struct l_genl *genl,
 						data, NULL);
 }
 
+static bool name_too_long(struct l_genl *genl, struct test_data *data)
+{
+	static const char LONG_GENL_NAME[] = "long_genl_family_name";
+
+	assert(!l_genl_family_new(genl, LONG_GENL_NAME));
+
+	return true;
+}
+
 static bool check_test_data(struct test_data *data)
 {
     return data->group_id != 0 && data->vanished_called;
@@ -154,6 +163,8 @@ int main(int argc, char *argv[])
 	assert(prep_family_appeared(genl, &data));
 	assert(prep_family_vanished(genl, &data));
 
+	assert(name_too_long(genl, &data));
+
 	idle = l_idle_create(idle_callback, &data, NULL);
 
 	l_main_run();
-- 
2.14.1

[PATCH 3/4] unit: Close files before exiting

[Mat Martineau]

[-- Attachment #1: Type: text/plain, Size: 628 bytes --]

---
 unit/test-dbus-message-fds.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/unit/test-dbus-message-fds.c b/unit/test-dbus-message-fds.c
index ff645ea..c31d0aa 100644
--- a/unit/test-dbus-message-fds.c
+++ b/unit/test-dbus-message-fds.c
@@ -277,12 +277,13 @@ static void get_random_return_callback(struct l_dbus_message *message,
 	test_assert(fd0 != -1);
 
 	compare_files(fd0, fd1);
-	if (compare_failed)
-		return;
 
 	close(fd0);
 	close(fd1);
 
+	if (compare_failed)
+		return;
+
 	test_assert(l_idle_oneshot(get_random_idle_callback, NULL, NULL));
 }
 
-- 
2.14.1

[PATCH 4/4] examples: POSIX spec requires zeroing sockaddr_in

[Mat Martineau]

[-- Attachment #1: Type: text/plain, Size: 506 bytes --]

---
 examples/https-client-test.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/https-client-test.c b/examples/https-client-test.c
index 7a9c2a8..7135346 100644
--- a/examples/https-client-test.c
+++ b/examples/https-client-test.c
@@ -152,6 +152,7 @@ int main(int argc, char *argv[])
 		return -1;
 	}
 
+	memset(&addr, 0, sizeof(addr));
 	addr.sin_family = AF_INET;
 	addr.sin_port = htons(443);
 	memcpy(&addr.sin_addr, addr_list[0], sizeof(addr.sin_addr));
-- 
2.14.1

Re: [PATCH 1/4] genl: Sanitize incoming family name string

[Denis Kenzior]

[-- Attachment #1: Type: text/plain, Size: 271 bytes --]

Hi Mat,

On 09/27/2017 07:22 PM, Mat Martineau wrote:
> The null terminated name must fit in a system-defined fixed-size buffer.
> ---
>   ell/genl.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 

All four applied, thanks.

Regards,
-Denis