Date:      Tue, 10 Feb 2009 22:57:39 +0100
From:      Roman Divacky <rdivacky@freebsd.org>
To:        net@freebsd.org
Cc:        mav@freebsd.org
Subject:   unsafe C in netgraph/pppoed.c
Message-ID:  <20090210215739.GA24102@freebsd.org>

hi


struct pppoe_tag {
        u_int16_t tag_type;
        u_int16_t tag_len;
        char tag_data[];
}__packed;

struct pppoe_hdr{
        u_int8_t ver:4;
        u_int8_t type:4;
        u_int8_t code;
        u_int16_t sid;
        u_int16_t length;
        struct pppoe_tag tag[];
}__packed;


this is inherently unsafe as the tag_data can only have 0 elements
to be used safely. gcc compiles this without warning although there
should be a big one.

I found this using clang, which produces this error/warning:

lev pppoed$ ccc -c pppoed.c
ccc: Unknown host 'freebsd', using generic host information.
In file included from pppoed.c:41:
/usr/include/netgraph/ng_pppoe.h:213:22: error: 'struct pppoe_tag' may not be used as an array element due to flexible array member
        struct pppoe_tag tag[];
                            ^
1 diagnostic generated.

can you guys take a look at this issue?

thnx!

roman

p.s. please keep me CCed as I am not subscribed to net@
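
Added example, not part of the original message or of the FreeBSD sources: because tag_data is a flexible array member, sizeof(struct pppoe_tag) counts no data bytes, so indexing tag[i] lands inside the previous tag's data as soon as any tag is non-empty; walking the tags by tag_len with bounds checks gives the real offset. The names ex_tag, sample, indexed_offset and walked_offset are this example's own, and the payload is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same layout as struct pppoe_tag quoted above; ex_tag is this example's name. */
struct ex_tag {
    uint16_t tag_type;
    uint16_t tag_len;     /* big-endian on the wire */
    char     tag_data[];  /* tag_len bytes follow, so tags differ in size */
} __attribute__((packed));

/* Constructed sample payload: Service-Name "isp" (3 bytes), then Host-Uniq (2 bytes). */
const uint8_t sample[] = { 0x01,0x01, 0x00,0x03, 'i','s','p',
                           0x01,0x03, 0x00,0x02, 0xAA,0xBB };

/* Offset that array indexing tag[i] implies: a fixed stride of sizeof(struct),
 * which counts zero bytes for tag_data. */
size_t indexed_offset(size_t i) { return i * sizeof(struct ex_tag); }

static size_t rd16(const uint8_t *p) { return (size_t)p[0] << 8 | p[1]; }

/* Offset of the i-th tag found by walking real lengths with bounds checks.
 * Returns -1 if the payload is truncated or holds fewer than i+1 tags. */
long walked_offset(const uint8_t *buf, size_t len, size_t i)
{
    size_t off = 0;                              /* invariant: off <= len */
    for (;;) {
        if (len - off < sizeof(struct ex_tag))
            return -1;                           /* tag header does not fit */
        size_t tlen = rd16(buf + off + 2);
        if (tlen > len - off - sizeof(struct ex_tag))
            return -1;                           /* tag_data runs past the end */
        if (i-- == 0)
            return (long)off;
        off += sizeof(struct ex_tag) + tlen;
    }
}

int main(void)
{
    printf("tag[1] by indexing: offset %zu\n", indexed_offset(1));
    printf("tag 1 by walking:   offset %ld\n", walked_offset(sample, sizeof sample, 1));
    return 0;
}
```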
