[ovs-dev] [PATCH] netdev: fix crash when ifa_netmask is null

Ben Pfaff blp at ovn.org
Wed Jul 12 15:51:38 UTC 2017


On Wed, Jul 12, 2017 at 04:19:38PM +0800, linhaifeng wrote:
> 在 2017/7/12 12:55, Ben Pfaff 写道:
> > On Tue, Jul 04, 2017 at 08:52:57AM +0800, Haifeng Lin wrote:
> >> The ifa_netmask is null when failed to call ioctl
> >> in getifaddrs
> >>
> >> Signed-off-by: Haifeng Lin <haifeng.lin at huawei.com>
> > Thanks for figuring this out.
> >
> > What does it mean if ifa_netmask is null?  Does it mean that the address
> > should be ignored entirely?  The manpage for getifaddrs doesn't say.
> > And what about for IPv4 addresses?
> The glibc code shows that the ifa_netmask maybe NULL:
> ...
> if (__ioctl (fd, SIOCGIFNETMASK, ifr) < 0)
>         storage[i].ia.ifa_netmask = NULL;
> else
>         {
>           storage[i].ia.ifa_netmask = &storage[i].netmask;
>           storage[i].netmask = ifr->ifr_netmask;
>         }
> ...
> 
> > Maybe the right fix would be this:
> >
> > diff --git a/lib/netdev.c b/lib/netdev.c
> > index 26e87a2ee2ec..68003a829f27 100644
> > --- a/lib/netdev.c
> > +++ b/lib/netdev.c
> > @@ -1967,7 +1967,8 @@ netdev_get_addrs(const char dev[], struct in6_addr **paddr,
> >      for (ifa = if_addr_list; ifa; ifa = ifa->ifa_next) {
> >          int family;
> >  
> > -        if (strncmp(ifa->ifa_name, dev, IFNAMSIZ) || ifa->ifa_addr == NULL) {
> > +        if (strncmp(ifa->ifa_name, dev, IFNAMSIZ)
> > +            || !ifa->ifa_addr || !ifa->ifa_netmask) {
> >              continue;
> >          }
> >  
> > What do you think?
> I think we should check ifa_name too because we don't know what would happen in glibc
> and we should guarantee that ovs-vswitchd not crash.

Can't hurt.  Thanks!

I applied the following to master, branch-2.7, and branch-2.6.

--8<--------------------------cut here-------------------------->8--

From: Haifeng Lin <haifeng.lin at huawei.com>
Date: Tue, 4 Jul 2017 08:52:57 +0800
Subject: [PATCH] netdev: Fix crash when ifa_netmask is null.

glibc sometimes doesn't initialize the ifa_netmask and ifa_addr fields, if
the ioctl to fetch them fails.  Check ifa_name also just for paranoia.

Signed-off-by: Haifeng Lin <haifeng.lin at huawei.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
---
 lib/netdev.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/netdev.c b/lib/netdev.c
index 26e87a2ee2ec..0d5fad5738e8 100644
--- a/lib/netdev.c
+++ b/lib/netdev.c
@@ -1967,7 +1967,8 @@ netdev_get_addrs(const char dev[], struct in6_addr **paddr,
     for (ifa = if_addr_list; ifa; ifa = ifa->ifa_next) {
         int family;
 
-        if (strncmp(ifa->ifa_name, dev, IFNAMSIZ) || ifa->ifa_addr == NULL) {
+        if (!ifa->ifa_name || !ifa->ifa_addr || !ifa->ifa_netmask
+            || strncmp(ifa->ifa_name, dev, IFNAMSIZ)) {
             continue;
         }
 
-- 
2.10.2



More information about the dev mailing list