Branch: refs/heads/netload-fixes Home: https://github.com/kronosnet/kronosnet Commit: 89213e429ef7eb8241606313b99ff413afdb8662 https://github.com/kronosnet/kronosnet/commit/89213e429ef7eb8241606313b99ff4... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-09-19 (Thu, 19 Sep 2019)
Changed paths: M libknet/links.c
Log Message: ----------- Merge pull request #257 from kronosnet/netload-fixes
[links] fix memory corryption of link structure
Commit: eba47802dc84f096b0dca3c6963baa1d94bed6a2 https://github.com/kronosnet/kronosnet/commit/eba47802dc84f096b0dca3c6963baa... Author: Ferenc Wágner wferi@debian.org Date: 2019-09-25 (Wed, 25 Sep 2019)
Changed paths: M libknet/tests/api_knet_send.c
Log Message: ----------- tests: skip the SCTP test if SCTP is not supported by the kernel
For example, module loading is disabled on Debian build daemons. (In the vein of c5aa1c3343703455b480cef5c173f471e1bb020f.)
Signed-off-by: Ferenc Wágner wferi@debian.org
Commit: 1c5d845851028e8e423095dab5a2d87c8eff1437 https://github.com/kronosnet/kronosnet/commit/1c5d845851028e8e423095dab5a2d8... Author: Ferenc Wágner wferi@debian.org Date: 2019-09-25 (Wed, 25 Sep 2019)
Changed paths: M libknet/transport_sctp.c
Log Message: ----------- Fix typo: trasport -> transport
Signed-off-by: Ferenc Wágner wferi@debian.org
Commit: 9f10144d0274c89423d8422ef826a02459e602d8 https://github.com/kronosnet/kronosnet/commit/9f10144d0274c89423d8422ef826a0... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-09-25 (Wed, 25 Sep 2019)
Changed paths: M libknet/tests/api_knet_send.c M libknet/transport_sctp.c
Log Message: ----------- Merge pull request #258 from kronosnet/wferi/fixes
Assorted small fixups
Commit: 728ca4fb953992be7100a33c5720496ae5fef5c1 https://github.com/kronosnet/kronosnet/commit/728ca4fb953992be7100a33c572049... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths: M libknet/tests/api_knet_handle_pmtud_set.c M libknet/tests/api_knet_link_set_enable.c M libknet/tests/test-common.c M libknet/tests/test-common.h
Log Message: ----------- [tests] add common function to sleep based on how the test suite is running
Address issue while waiting for host to be up and PMTUd first run.
Signed-off-by: Fabio M. Di Nitto fdinitto@redhat.com
Commit: a0128b93d4a6b5637cbc5885a0a64e333d93a414 https://github.com/kronosnet/kronosnet/commit/a0128b93d4a6b5637cbc5885a0a64e... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths: M libknet/tests/api_knet_handle_pmtud_set.c M libknet/tests/api_knet_link_set_enable.c M libknet/tests/test-common.c M libknet/tests/test-common.h
Log Message: ----------- Merge pull request #260 from kronosnet/test-suite
[tests] add common function to sleep based on how the test suite is r…
Commit: f2bb002911d669f1b8c07cba5f86c580d4e30bf3 https://github.com/kronosnet/kronosnet/commit/f2bb002911d669f1b8c07cba5f86c5... Author: Thomas Lamprecht t.lamprecht@proxmox.com Date: 2019-10-08 (Tue, 08 Oct 2019)
Changed paths: M man/doxyxml.c
Log Message: ----------- doxyxml: print_param: fix heap-buffer-overflow on read
in read_struct we can get the pi->paramtype assigned with:
pi->paramtype = type?strdup(type):strdup("");
And in print_param we then always check the last character by getting the strlen and subtracting one. But in the case where either type was NULL and we assigned an empty string, or type wasn't null but pointing to an empty string we ran into an read-heap-buffer-overflow as here strlen is zero, and so we the first if branch evaluated to
if (pi->paramtype[-1] == '*') {
which isn't valid. Depending on the OS, protection of surrounding area due to said OS or the compiler, this can crash the program.
Similar issue was the case for the next check for double pointers, here for all strings with strlen < 2.
To solve this get the strlen early and check if we cannot underflow before doing the real read.
Signed-off-by: Thomas Lamprecht t.lamprecht@proxmox.com
Commit: f2f1fe9162ca82d45187ab0b26009207932686f0 https://github.com/kronosnet/kronosnet/commit/f2f1fe9162ca82d45187ab0b260092... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-10-09 (Wed, 09 Oct 2019)
Changed paths: M man/doxyxml.c
Log Message: ----------- Merge pull request #262 from ThomasLamprecht/fix-doxyxml-overflow
doxyxml: print_param: fix heap-buffer-overflow on read
Commit: 38e40998ec6b843218251a2b56cb056d5b9fbc6e https://github.com/kronosnet/kronosnet/commit/38e40998ec6b843218251a2b56cb05... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-10-09 (Wed, 09 Oct 2019)
Changed paths: M configure.ac M man/Makefile.am
Log Message: ----------- [build] add --with-sanitizers= option for sanitizer builds
this option is stricly meant for runtime debugging purposes. do NOT use in production.
check gcc/clang man pages on how to use ASAN/UBSAN/TSAN.
Also allow users to specificy SANITIZERS_CFLAGS and SANITIZERS_LDFLAGS for advanced use.
Signed-off-by: Fabio M. Di Nitto fdinitto@redhat.com
Commit: 7c470fe6fe90d7a523ca0bfc238ed89e0948f940 https://github.com/kronosnet/kronosnet/commit/7c470fe6fe90d7a523ca0bfc238ed8... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2019-10-09 (Wed, 09 Oct 2019)
Changed paths: M configure.ac M man/Makefile.am
Log Message: ----------- Merge pull request #263 from kronosnet/runtime-debug
[build] add --with-sanitizers= option for sanitizer builds
Compare: https://github.com/kronosnet/kronosnet/compare/93f3df56ce10...7c470fe6fe90
-
Fabio M. Di Nitto