On 11/9/21 6:14 PM, Ossama Othman wrote:
Some l_rtnl functions that return a stringified address could
potentially overrun a user-supplied buffer of insufficient length.
Add a buffer length argument to prevent ELL from making incorrect
assumptions. Impacted functions are l_rtnl_address_get_address(),
l_rtnl_route_get_gateway(), and l_rtnl_route_get_prefsrc().
ell/rtnl.c | 28 +++++++++++++++++-----------
ell/rtnl.h | 8 +++++---
2 files changed, 22 insertions(+), 14 deletions(-)
bool l_rtnl_address_get_address(const struct l_rtnl_address *addr,
- char *out_buf);
+ char *out_buf, size_t buflen);
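Review bot: the new `size_t buflen` parameter on l_rtnl_address_get_address() comes with no stated contract in rtnl.h. Please document what the function returns when buflen is too small for the stringified address (the bool return suggests false, ideally with out_buf left empty rather than partially written) and the minimum size callers should pass, such as INET6_ADDRSTRLEN. Because this changes a public prototype, every existing caller of the three getters named in the commit message has to be updated in the same series.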
So I'm a little torn about this. On the one hand, specifying the buffer len is
indeed safer. However, simply passing a buffer of size INET6_ADDRSTRLEN is also
guaranteed to work for any address that we support and saves the need for the
extra argument. Alternatively, if you know the family or can look it up via
l_rtnl_*_get_family(), you can use INET_ADDRSTRLEN for IPv4 getters. Maybe this
is more of a documentation issue?
If you look at how iwd uses these functions, the extra argument is unnecessary.
Can you share more info about what made you propose this change? Are you using
these functions in ways where the buffer size argument would be advantageous?
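
An added example, not part of the thread and not ELL's code: the buffer-sizing trade-off discussed above, shown with the standard inet_ntop(), which takes the buffer length and fails instead of overrunning. The helpers addr_to_string() and addr_buf_size() and the sample addresses are hypothetical names and constructed values used only for illustration.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper (not an ELL function): parse a textual address and
 * stringify it again into a caller-supplied buffer of buflen bytes. */
bool addr_to_string(int family, const char *text, char *out, size_t buflen)
{
	unsigned char raw[sizeof(struct in6_addr)];

	if (!out || buflen == 0)
		return false;
	out[0] = '\0';
	if (inet_pton(family, text, raw) != 1)
		return false;
	/* inet_ntop() never writes past buflen; it returns NULL (ENOSPC)
	 * when the text form does not fit. */
	if (!inet_ntop(family, raw, out, (socklen_t) buflen)) {
		out[0] = '\0';
		return false;
	}
	return true;
}

/* Smallest buffer that is always sufficient for the given family. */
size_t addr_buf_size(int family)
{
	return family == AF_INET ? INET_ADDRSTRLEN : INET6_ADDRSTRLEN;
}

int main(void)
{
	/* Constructed sample addresses from the documentation ranges. */
	const char *v4 = "192.0.2.123";
	const char *v6 = "2001:db8:1111:2222:3333:4444:5555:6666";
	char small[INET_ADDRSTRLEN], big[INET6_ADDRSTRLEN];

	printf("v4, IPv4-sized buffer: %d\n",
		addr_to_string(AF_INET, v4, small, sizeof(small)));
	printf("v6, IPv4-sized buffer: %d\n",
		addr_to_string(AF_INET6, v6, small, sizeof(small)));
	printf("v6, IPv6-sized buffer: %d (%s)\n",
		addr_to_string(AF_INET6, v6, big, sizeof(big)), big);
	return 0;
}
```

An INET6_ADDRSTRLEN buffer succeeds for both families, while an INET_ADDRSTRLEN buffer is only safe once the family is known to be AF_INET.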