Project

General

Profile

Actions
Copy link

Bug #9121

closed

dladm: addrval can be NULL, need to check in iptun_process_addrarg()

Added by Gergő Mihály Doma almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Gergő Mihály Doma
Category:
cmd - userland programs
Start date:
2018-02-16
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
needs-triage
Gerrit CR:
External Bug:

Description

Original issue: https://github.com/joyent/illumos-joyent/issues/123

dladm should return with an error message indicating missing option value instead of segfault.

http://src.illumos.org/source/xref/illumos-gate/usr/src/cmd/dladm/dladm.c#3974

Actions
Copy link
 #1

Updated by Dan McDonald almost 5 years ago

From the illumos-joyent github bug:


While messing around with dladm:

# dladm create-iptun -T ipv4 -a local=172.16.12.10,remote tun0
Segmentation Fault (core dumped)

It's probably invalid syntax for the dladm command but it shouldn't segfault. Trace is:

    $C
    08047318 libc.so.1`strlen+0x30(804780d, 0, 401, fee2c574)
    08047368 iptun_process_addrarg+0x8d(8047de7, 8047400, 80473a8, feea4d82)
    080473a8 iptun_process_args+0x78(6, 8047cac, 80688d6, 8047400, 80473fc, 80473dc)
    08047c28 do_create_iptun+0x33(6)
    08047c68 main+0xb9(8047c5c, fef1a768, 8047c9c, 8056ac7, 7, 8047ca8)
    08047c9c _start+0x83(7, 8047db0, 8047db6, 8047dc3, 8047dc6, 8047dcb)

The iptun_process_addrarg() dies because it parsed "remote" without an equal sign. That'll return a legitimate value, BUT "addrval" will be (rightfully) set to NULL. iptun_process_addrarg() needs to be a bit stronger.

Actions
Copy link
 #3

Updated by Joshua M. Clulow almost 5 years ago

Testing notes

As per the note from Gergő in the RTI mail:

The Illumos Project     SunOS 5.11      master-0-g1cfad7ce45    Feb. 25, 2018
SunOS Internal Development: domag 2018-Feb-25 [illumos-gate-bug-9121_build]
root@openindiana:~# dladm create-iptun -t -a local=,remote test_iptun_01
dladm: tunnel destination address value is missing
root@openindiana:~# dladm create-iptun -t -a local,remote test_iptun_01
dladm: tunnel source address value is missing
root@openindiana:~# dladm create-iptun -T ipv4 -t -a local=127.0.0.1,remote test_iptun_01
dladm: tunnel destination address value is missing
root@openindiana:~# dladm create-iptun -T ipv4 -t -a local=127.0.0.1,remote= test_iptun_01
dladm: could not create tunnel: invalid argument
root@openindiana:~# dladm create-iptun -T ipv4 -t -a local=,remote= test_iptun_01
dladm: could not create tunnel: invalid argument
root@openindiana:~#
Actions
Copy link
 #4

Updated by Electric Monk almost 5 years ago

  • % Done changed from 0 to 100
  • Status changed from New to Closed

git commit d22bfd225d09e94269c9a8afaf1e686a5d74d823

commit  d22bfd225d09e94269c9a8afaf1e686a5d74d823
Author: Doma Gergő Mihály <domag02@google.com>
Date:   2018-03-11T06:34:08.000Z

    9121 dladm: addrval can be NULL, need to check in iptun_process_addrarg()
    Reviewed by: Toomas Soome <tsoome@me.com>
    Reviewed by: Andrew Stormont <andyjstormont@gmail.com>
    Reviewed by: Igor Kozhukhov <igor@dilos.org>
    Approved by: Joshua M. Clulow <josh@sysmgr.org>

Actions
Copy link

Also available in: Atom PDF