netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [libnftnl PATCH] src: Fix nftnl_assert() on data_len
@ 2020-02-14 17:24 Phil Sutter
  2020-02-14 17:32 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 12+ messages in thread
From: Phil Sutter @ 2020-02-14 17:24 UTC (permalink / raw)
  To: Pablo Neira Ayuso; +Cc: netfilter-devel

Typical idiom for *_get_u*() getters is to call *_get_data() and make
sure data_len matches what each of them is returning. Yet they shouldn't
trust *_get_data() to write into passed pointer to data_len since for
chains and NFTNL_CHAIN_DEVICES attribute, it does not. Make sure these
assert() calls trigger in those cases.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/chain.c | 8 ++++----
 src/rule.c  | 6 +++---
 src/set.c   | 4 ++--
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/chain.c b/src/chain.c
index b4066e4d4e888..62a9249b57930 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -385,7 +385,7 @@ const char *nftnl_chain_get_str(const struct nftnl_chain *c, uint16_t attr)
 EXPORT_SYMBOL(nftnl_chain_get_u32);
 uint32_t nftnl_chain_get_u32(const struct nftnl_chain *c, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint32_t *val = nftnl_chain_get_data(c, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint32_t));
@@ -396,7 +396,7 @@ uint32_t nftnl_chain_get_u32(const struct nftnl_chain *c, uint16_t attr)
 EXPORT_SYMBOL(nftnl_chain_get_s32);
 int32_t nftnl_chain_get_s32(const struct nftnl_chain *c, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const int32_t *val = nftnl_chain_get_data(c, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(int32_t));
@@ -407,7 +407,7 @@ int32_t nftnl_chain_get_s32(const struct nftnl_chain *c, uint16_t attr)
 EXPORT_SYMBOL(nftnl_chain_get_u64);
 uint64_t nftnl_chain_get_u64(const struct nftnl_chain *c, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint64_t *val = nftnl_chain_get_data(c, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(int64_t));
@@ -418,7 +418,7 @@ uint64_t nftnl_chain_get_u64(const struct nftnl_chain *c, uint16_t attr)
 EXPORT_SYMBOL(nftnl_chain_get_u8);
 uint8_t nftnl_chain_get_u8(const struct nftnl_chain *c, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint8_t *val = nftnl_chain_get_data(c, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(int8_t));
diff --git a/src/rule.c b/src/rule.c
index 8d7e0681cb42c..ffdbbf8e08140 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -249,7 +249,7 @@ const char *nftnl_rule_get_str(const struct nftnl_rule *r, uint16_t attr)
 EXPORT_SYMBOL(nftnl_rule_get_u32);
 uint32_t nftnl_rule_get_u32(const struct nftnl_rule *r, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint32_t *val = nftnl_rule_get_data(r, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint32_t));
@@ -260,7 +260,7 @@ uint32_t nftnl_rule_get_u32(const struct nftnl_rule *r, uint16_t attr)
 EXPORT_SYMBOL(nftnl_rule_get_u64);
 uint64_t nftnl_rule_get_u64(const struct nftnl_rule *r, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint64_t *val = nftnl_rule_get_data(r, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint64_t));
@@ -271,7 +271,7 @@ uint64_t nftnl_rule_get_u64(const struct nftnl_rule *r, uint16_t attr)
 EXPORT_SYMBOL(nftnl_rule_get_u8);
 uint8_t nftnl_rule_get_u8(const struct nftnl_rule *r, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint8_t *val = nftnl_rule_get_data(r, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint8_t));
diff --git a/src/set.c b/src/set.c
index 651dcfa56022d..6a6f19bc7fbbf 100644
--- a/src/set.c
+++ b/src/set.c
@@ -303,7 +303,7 @@ const char *nftnl_set_get_str(const struct nftnl_set *s, uint16_t attr)
 EXPORT_SYMBOL(nftnl_set_get_u32);
 uint32_t nftnl_set_get_u32(const struct nftnl_set *s, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint32_t *val = nftnl_set_get_data(s, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint32_t));
@@ -314,7 +314,7 @@ uint32_t nftnl_set_get_u32(const struct nftnl_set *s, uint16_t attr)
 EXPORT_SYMBOL(nftnl_set_get_u64);
 uint64_t nftnl_set_get_u64(const struct nftnl_set *s, uint16_t attr)
 {
-	uint32_t data_len;
+	uint32_t data_len = 0;
 	const uint64_t *val = nftnl_set_get_data(s, attr, &data_len);
 
 	nftnl_assert(val, attr, data_len == sizeof(uint64_t));
-- 
2.24.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread
end of thread, other threads:[~2020-02-19  9:40 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-14 17:24 [libnftnl PATCH] src: Fix nftnl_assert() on data_len Phil Sutter
2020-02-14 17:32 ` Pablo Neira Ayuso
2020-02-14 17:34   ` Phil Sutter
2020-02-14 17:42     ` Pablo Neira Ayuso
2020-02-15  0:43       ` Phil Sutter
2020-02-15 13:17         ` Pablo Neira Ayuso
2020-02-15 22:58           ` Phil Sutter
2020-02-18 13:42             ` Pablo Neira Ayuso
2020-02-18 18:18               ` Phil Sutter
2020-02-18 21:06                 ` Pablo Neira Ayuso
2020-02-18 23:02                   ` Phil Sutter
2020-02-19  9:32                     ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).