| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Fixes: 49c20efaa783 ('xfrm: fix crashes in case of ENOMEM')
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coverity really wants to warn if a time_t is cast to 32 bits.
We use time() here to get (some very bad) randomness. The loss
of the upper bits is the least of the problems.
Work around the coverity warning by also the higher bits.
Error: Y2K38_SAFETY (CWE-197): [#def12]
libnl-3.8.0/lib/socket.c:76: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
# 74|
# 75| if (idx_state == 0) {
# 76|-> uint32_t t = (uint32_t) time(NULL);
# 77|
# 78| /* from time to time (on average each 2^15 calls), the idx_state will
Error: Y2K38_SAFETY (CWE-197): [#def13]
libnl-3.8.0/lib/socket.c:193: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "unsigned int".
# 191| sk->s_local.nl_family = AF_NETLINK;
# 192| sk->s_peer.nl_family = AF_NETLINK;
# 193|-> sk->s_seq_next = (unsigned int) time(NULL);
# 194| sk->s_seq_expect = sk->s_seq_next;
# 195|
|
| |
|
|
|
| |
Update the Fedora container for github. In particular, this updates
the used version of clang-format for formatting the C sources.
|
| |
|
|
| |
Build a container image for the code formatting, and run that.
|
| |
|
|
| |
Coverity warns "Signed integer overflow for expression '1<<31'".
|
| |
|
|
|
|
| |
Coverity warns about this. Try to avoid the warning by casting.
We only use time() to get some (very little) entropy. The cast
is fine.
|
| |
|
|
| |
Not important, but coverity flags this. Avoid it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
rtnl_act_append() either takes ownership of the argument, or does
nothing (on error). This pattern is hard to get right. In the past,
there were various bugs at this place.
Add two wrappers _rtnl_act_append_get() and _rtnl_act_append_take()
which consistently don't take ownership of the pointer or take it.
Also, in functions like rtnl_flower_append_action() only set the mask
after successfully modifying the data.
|
| |
|
|
|
|
| |
Using rtnl_act_append() correctly is hard.
Fixes: ef46de143206 ('route/cls: add flower classifier')
|
| |
|
|
| |
Fixes: 105a6be10a5f ('route: use cleanup macro in rtnl_act_parse()')
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This is useful for a very special case. For a cleanup macro
that calls rtnl_act_put_all(). In that case, we have a auto
variable `struct rtnl_act *head`, but the cleanup function
expects as argument `&head`.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coverity warns:
Error: RESOURCE_LEAK (CWE-772): [#def2]
libnl-3.8.0/lib/route/act.c:421: alloc_fn: Storage is returned from allocation function "rtnl_act_alloc".
libnl-3.8.0/lib/route/act.c:421: var_assign: Assigning: "act" = storage returned from "rtnl_act_alloc()".
libnl-3.8.0/lib/route/act.c:426: var_assign: Assigning: "tc" = "act".
libnl-3.8.0/lib/route/act.c:438: noescape: Resource "tc" is not freed or pointed-to in "rtnl_tc_set_kind".
libnl-3.8.0/lib/route/act.c:455: leaked_storage: Variable "tc" going out of scope leaks the storage it points to.
libnl-3.8.0/lib/route/act.c:455: leaked_storage: Variable "act" going out of scope leaks the storage it points to.
# 453| tc_act_stats_policy);
# 454| if (err < 0)
# 455|-> return err;
# 456|
# 457| if (tb3[TCA_STATS_BASIC]) {
Fixes: 05bd6366387c ('add support for TC action statistics')
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Seems the static array indices can confuse coverity. I think coverity is wrong
here, regardless, change it.
libnl-3.8.0/include/base/nl-base-utils.h:683: overrun-buffer-arg: Overrunning buffer pointed to by "buf" of 16 bytes by passing it to a function which accesses it at byte offset 45 using argument "(addr_family == 2) ? 16 : 46" (which evaluates to 46).
# 681| * and a suitably large buffer, it cannot. Assert for that. */
# 682|
# 683|-> r = (char *)inet_ntop(addr_family, addr, buf,
# 684| (addr_family == AF_INET) ? INET_ADDRSTRLEN :
# 685| INET6_ADDRSTRLEN);
|
| |
|
|
|
|
|
| |
Adds the rtnl_link_can_get_device_stats function to get xstats of a
CAN-bus link as a can_device_stats struct.
https://github.com/thom311/libnl/pull/368
|
| |
|
|
|
|
|
|
|
|
|
| |
This seems good for our test builds.
This can result in additional uninitialized variable warnings about
autovariables with cleanup attribute.
This flag is also enabled by default on Fedora package build ([1]).
[1] https://src.fedoraproject.org/rpms/redhat-rpm-config//blob/rawhide/f/buildflags.md
|
| |\
| |
| |
| | |
https://github.com/thom311/libnl/pull/367
|
| | |
| |
| |
| | |
Use cleanup attribute and return-early.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Use _nl_addr_build() helper. No need for all this redundant code.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
These internal error codes are probably a bad idea. However, at least be
consistent about it.
Fixes: 77bbf2270ce7 ('xfrm: fix an unintialized return value on memory allocation error in xfrmnl_ae_parse()')
|
| | |
| |
| |
| |
| |
| |
| | |
Passing a size of (sizeof (ae_id->saddr)) is wrong for IPv4. The size depends
on the address family.
Fixes: 917154470895 ('xfrm: add xfrm support')
|
| | | |
|
| |/ |
|
| |\
| |
| |
| | |
https://github.com/thom311/libnl/pull/366
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Leaving XFRM_SP_ATTR_TMPL active in the mask may not impose a problem
but, when removing the last template from a policy, the value signifying
attached templates should be cleared.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's a similar issue as in commit 3f4f1dda, when calling
xfrmnl_sp_parse, the refcount of the addresses for selectors and
templates increases to two, as xfrmnl_sel_set_[s|d]addr and
xfrmnl_user_tmpl_set_[s|d]addr add another reference to the address
object. As only one of those refs is dropped in sel_destroy or
xfrmnl_user_tmpl_free respectively the address objects' refcount
will never drop to zero, causing a leak.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Fixes: 917154470895 ('xfrm: add xfrm support')
|
| |
|
|
|
|
|
| |
[thaller@redhat.com: fixed wrong variable name in code and reworded
commit message.]
https://github.com/thom311/libnl/pull/363
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes tests with a non-bash shell as /bin/sh (in this case, dash) which
does not support `echo -e`. echo itself is portable, but not echo with any arguments.
Use `printf` instead.
Fixes: d9a1e0ce9c95 ('build: add "check-local-build-headers" test target to build public headers')
https://github.com/thom311/libnl/pull/360
|
| |
|
|
|
|
| |
Fixes: 87d370912ca8 ("netlink.nlattr re-implemented in more pythonic way")
https://github.com/thom311/libnl/pull/359
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
The NOTE refers to an ancient libnl3 version. It is not relevant
anymore. Drop it.
Instead, print some summary overview from the configuration.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We get this warning:
aclocal: warning: couldn't open directory 'm4': No such file or directory
Avoid it, by letting "doc/configure.ac" use the top-level m4 directory
too.
|
| | |
| |
| |
| |
| | |
configure.ac:67: warning: The macro `AM_PROG_LIBTOOL' is obsolete.
configure.ac:67: You should run autoupdate.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Silence warnings with "-Wno-portability".
Makefile.am:1130: warning: '%'-style pattern rules are a GNU make extension
Makefile.am:1131: warning: dir $@: non-POSIX variable name
Makefile.am:1131: (probably a GNU make extension)
Makefile.am:1134: warning: '%'-style pattern rules are a GNU make extension
Makefile.am:1137: warning: patsubst %,%.build-headers-test.o,$(public_headers: non-POSIX variable name
Makefile.am:1137: (probably a GNU make extension)
We care about portability, but only to the extend that we test configurations
via CI. As all our current CI passes, the warning is bogus and not something we
will fix.
If you come up in a situation where this is a problem, then we have a real
scenario at hand and something to fix. Unless that happens, we target a real
implementation and not the make specification.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Change the license for a few files from GPL-2.0-only to
LGPL-2.1-only.
All relevant contributions seems to have been made by Thomas Graf. I
presume, this was just a mistake in the license header, as the project
as a whole is LGPL licensed. Thomas as working for Red Hat at the time,
maybe the copyright for the code is with Red Hat.
In any case, the wrong licensing needs to be fixed. If there are any
objections to this, the offending code needs to be removed. Please reach
out in that case.
https://github.com/thom311/libnl/pull/357
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In commit ef858fb492df ('- Reworked the classifier interface. - Added
initial ematch support - Added support for the basic classifier - Added
support for the cgroup classifier'), the license headers were added as
GPL-2.0-only. That is in conflict with the licences of the project and a
problem.
We would either have to delete the code, or "change" the license.
The file only had (relevant) contributions by Thomas Graf. There are
some trivial modifications by myself (Thomas Haller), and I agree with
this change. There is also a small change by another contributor, which
does seem trivial enough to not prevent changing the license:
- 4ff512b05456 [Cong Wang] ('correct --protocol option for nl-cls-* utilities')
- c52087601198 [Peter Wu] ('trivial: whitespace-only fixes for src and lib')
- cee0b1b50c2e [Yegor Yefremov] ('Add SPDX identifiers')
See `gitk src/nl-cls-add.c`.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In commit 5e732ad075e5 ('New set of address management tools'), the
license headers were added/changed as GPL-2.0-only. That is in conflict
with the licences of the project and a problem.
We would either have to delete the code, or "change" the license.
The files only had (relevant) contributions by Thomas Graf. There are
some trivial modifications by myself (Thomas Haller), and I agree with
this change. There are also small changes by another contributors, which
seem trivial enough to not prevent changing the license:
- 7701c8572fa4 [Pavel Roskin] ('Make some functions and global variables static')
- c52087601198 [Peter Wu] ('trivial: whitespace-only fixes for src and lib')
- cee0b1b50c2e [Yegor Yefremov] ('Add SPDX identifiers')
See `gitk src/nl-addr-{add,delete,list}.c`.
|
| |\ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
srandom() and random() are a code smell, because they are not thread safe.
Avoid its usage, even if this was only for testing. Even in testing code,
we don't want to find those functions and have to reason why they are fine
for testing. Just don't.
Arguably, _nltst_rand_u32() calls jrand48(), which (in glibc) is
possibly not thread-safe either. But that is only one place for
investigation, instead of 3.
Also, _nltst_rand_u32() honors NLTST_SEED_RAND to generate a
reproducible sequence of random numbers.
|
| | |
| |
| |
| | |
Avoid non-threadsafe libc API.
|
| | | |
|
| |/ |
|
