From owner-freebsd-bugs@FreeBSD.ORG Fri Jan 9 15:30:04 2009
Date: Fri, 9 Jan 2009 15:30:03 GMT
Message-Id: <200901091530.n09FU3DD004882@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: "Li yonggang"
Subject: Re: bin/124724: [patch] netstat(1): netstat coredump on -stable
Reply-To: Li yonggang

The following reply was made to PR bin/124724; it has been noted by GNATS.

From: "Li yonggang"
To: "Jaakko Heinonen"
Cc: bug-followup@freebsd.org
Subject: Re: bin/124724: [patch] netstat(1): netstat coredump on -stable
Date: Fri, 9 Jan 2009 15:23:36 +0000

Thanks for your reply. Your analysis is correct for netstat -m -N foo, but for netstat -m foo I think it is caused by not checking the input, which is definitely not a good habit and bug latency. So an input check should be done as soon as possible. I combined the fixes of yours and mine to fix these 2 problems.

I don't know why my diff cannot show correctly, so I put it below as well:

--- main.c 2009-01-09 15:05:05.000000000 +0000 +++ ../main.c 2009-01-08 13:57:38.000000000 +0000 @@ -341,6 +341,7 @@ int af; /* address family */ int live; /* true if we are examining a live system */ + int main(int argc, char *argv[]) { 
@@ -463,27 +464,11 @@ default: usage(); } - argv += optind; - argc -= optind; - -#define BACKWARD_COMPATIBILITY -#ifdef BACKWARD_COMPATIBILITY - if (*argv) { - if (isdigit(**argv)) { - interval = atoi(*argv); - if (interval <= 0) - usage(); - ++argv; - iflag = 1; - } - if (*argv) { - nlistf = *argv; - if (*++argv) - memf = *argv; - } - } -#endif - + /* + * Check if params are parsed correctly + * */ + if(*(argv += optind)) + usage(); /* * Discard setgid privileges if not the running kernel so that bad * guys can't print interesting stuff from kernel memory.

On 1/9/09, Jaakko Heinonen wrote:
>
> Hi,
>
> On 2009-01-09, Li yonggang wrote:
>> I think the root cause is that netstat does not check if the input is
>> correct. So I think we should add some input checker while removing
>> the BACKWARD_COMPATIBILITY code, which will lead to use incorrect input.
>
> Did you see my analysis and the patch for the problem?
>
> http://lists.freebsd.org/pipermail/freebsd-bugs/2008-June/031294.html
>
> Your patch doesn't address the "netstat -m -N foo" case. It also removes
> the backward compatibility code. I don't know if that code has any real
> value but I don't see need to remove it to fix this bug.
>
> --
> Jaakko
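
Review bot: The only change in the first hunk (@@ -341,6 +341,7 @@) is an extra blank line before `int main(int argc, char *argv[])`; it is unrelated to the crash and should be dropped so the patch touches only the argument handling. The file headers also compare `main.c` against `../main.c`, so whoever applies this has to pick the target path by hand; regenerating the diff with one consistent path on both sides would avoid that.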
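
Review bot: In the second hunk (@@ -463,27 +464,11 @@), `if(*(argv += optind)) usage();` rejects every positional operand, so besides stopping the crash on `netstat -m foo` it removes the positional interval, nlistf and memf handling that the deleted BACKWARD_COMPATIBILITY block provided, which is the objection raised in the quoted reply. The hunk as pasted inline also contains no check for the `netstat -m -N foo` case that the message says is covered, and it drops `argc -= optind`, so argc no longer matches argv after this point. Suggest keeping the compatibility block and validating the leftover operands inside it, adding the -N check as a separate change, and matching the surrounding style in the new lines (`if (` with a space, comment closed with a plain ` */`).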