Google Git
Sign in
kernel / pub / scm / utils / kernel / ipvsadm / ipvsadm / 5cd1778489c52d480df64d4541a48258b88d10de
commit5cd1778489c52d480df64d4541a48258b88d10de[log] [tgz]
authorJulian Anastasov <ja@ssi.bg>Thu May 24 23:37:45 2018 +0300
committerJesper Dangaard Brouer <brouer@redhat.com>Tue May 29 15:35:38 2018 +0200
tree2ab821885bd10cea2fd774858b7ab8f8a028a7b6
parent76c1270148161242f240d9a00746cf06d916b3e3 [diff]
libipvs: fix some buffer sizes

Size or length? Here is the answer:

- IP_VS_SCHEDNAME_MAXLEN and IP_VS_IFNAME_MAXLEN are sizes
because they are used in kernel structures exported to user
space for the old setsockopt interface. We can not change
these structures in the kernel.

- IP_VS_PENAME_MAXLEN and IP_VS_PEDATA_MAXLEN are max lengths
because they are not exported to the old interface.

As result:
- buffers should have space for NUL terminator
- strncpy should use sizeof(buffer) - 1 as max length

As we change the libipvs structures, their users should be
recompiled.

Maintainers notes:
This change is related/inspired by kernel commit 52f96757905b
("ipvs: fix buffer overflow with sync daemon and service") found
by syzkaller.  While this fix is found by manual review.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Acked-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
3 files changed
tree: 2ab821885bd10cea2fd774858b7ab8f8a028a7b6
  1. contrib/
  2. debian/
  3. libipvs/
  4. config_stream.c
  5. config_stream.h
  6. dynamic_array.c
  7. dynamic_array.h
  8. ipvsadm-restore
  9. ipvsadm-restore.8
  10. ipvsadm-save
  11. ipvsadm-save.8
  12. ipvsadm.8
  13. ipvsadm.c
  14. ipvsadm.sh
  15. ipvsadm.spec.in
  16. MAINTAINERS
  17. Makefile
  18. PERSISTENCE_ENGINES
  19. README
  20. release-tarball.sh
  21. SCHEDULERS
  22. VERSION