From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/12884
Path: news.gmane.org!.POSTED!not-for-mail
From: Rich Felker <dalias@libc.org>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Endless loop in netlink_msg_to_ifaddr
Date: Fri, 1 Jun 2018 21:44:33 -0400
Message-ID: <20180602014433.GS1392@brightrain.aerifal.cx>
References: <CAHMF36G5xM=M7RqpmrixA32rB+G3a4L6Vem1Lh2Wp4hKMEoKpw@mail.gmail.com>
 <20180530154529.0bf8f46b@vostro>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: blaine.gmane.org 1527903762 2818 195.159.176.226 (2 Jun 2018 01:42:42 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Sat, 2 Jun 2018 01:42:42 +0000 (UTC)
User-Agent: Mutt/1.5.21 (2010-09-15)
To: musl@lists.openwall.com
Original-X-From: musl-return-12900-gllmg-musl=m.gmane.org@lists.openwall.com Sat Jun 02 03:42:38 2018
Return-path: <musl-return-12900-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by blaine.gmane.org with smtp (Exim 4.84_2)
	(envelope-from <musl-return-12900-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1fOvZ0-0000cH-3Z
	for gllmg-musl@m.gmane.org; Sat, 02 Jun 2018 03:42:38 +0200
Original-Received: (qmail 22308 invoked by uid 550); 2 Jun 2018 01:44:46 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Original-Received: (qmail 22287 invoked from network); 2 Jun 2018 01:44:46 -0000
Content-Disposition: inline
In-Reply-To: <20180530154529.0bf8f46b@vostro>
Original-Sender: Rich Felker <dalias@aerifal.cx>
Xref: news.gmane.org gmane.linux.lib.musl.general:12884
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/12884>

On Wed, May 30, 2018 at 03:45:29PM +0300, Timo Teras wrote:
> On Wed, 30 May 2018 11:57:03 +0200
> Matej Kupljen <matej.kupljen@gmail.com> wrote:
> 
> > I am using OpenWRT device with MUSL C library version 1.1.19 and I am
> > running custom binary on it. I noticed that during testing my program
> > started using 99% CPU.
> > I build OpenWRT myself so I have all the sources. I attached the
> > gdbserver and checked what is going on.
> 
> Thanks for the report!
> 
> > As you can see the first message in netlink reply has a rta_len set
> > to zero so the list is never traversed, only the first message is
> > received every time.
> > 
> > I am not sure if this is the correct response from netlink, however
> > the program is stucked here.
> >
> > Any ideas?
> > Please CC me in reply.
> 
> That is invalid message to my understanding. Perhaps there's some new
> extensions that allow it. Upstream (linux kernel) RTA_OK does do
> additional checks against this situation.
> 
> The same issue probably affects if_nameindex.
> 
> I think the following should fix it:
> 
> diff --git a/src/network/netlink.h b/src/network/netlink.h
> index 20700ac5..00dc7172 100644
> --- a/src/network/netlink.h
> +++ b/src/network/netlink.h
> @@ -80,13 +80,13 @@ struct ifaddrmsg {
>  #define NLMSG_DATALEN(nlh)	((nlh)->nlmsg_len-sizeof(struct nlmsghdr))
>  #define NLMSG_DATAEND(nlh)	((char*)(nlh)+(nlh)->nlmsg_len)
>  #define NLMSG_NEXT(nlh)		(struct nlmsghdr*)((char*)(nlh)+NETLINK_ALIGN((nlh)->nlmsg_len))
> -#define NLMSG_OK(nlh,end)	((char*)(end)-(char*)(nlh) >= sizeof(struct nlmsghdr))
> +#define NLMSG_OK(nlh,end)	((char*)(end)-(char*)(nlh) >= sizeof(struct nlmsghdr) && (nlh)->nlmsg_len >= sizeof(struct nlmsghdr))
>  
>  #define RTA_DATA(rta)		((void*)((char*)(rta)+sizeof(struct rtattr)))
>  #define RTA_DATALEN(rta)	((rta)->rta_len-sizeof(struct rtattr))
>  #define RTA_DATAEND(rta)	((char*)(rta)+(rta)->rta_len)
>  #define RTA_NEXT(rta)		(struct rtattr*)((char*)(rta)+NETLINK_ALIGN((rta)->rta_len))
> -#define RTA_OK(nlh,end)		((char*)(end)-(char*)(rta) >= sizeof(struct rtattr))
> +#define RTA_OK(rta,end)		((char*)(end)-(char*)(rta) >= sizeof(struct rtattr) && (rta)->rta_len >= sizeof(struct rtattr))
>  
>  #define NLMSG_RTA(nlh,len)	((void*)((char*)(nlh)+sizeof(struct nlmsghdr)+NETLINK_ALIGN(len)))
>  #define NLMSG_RTAOK(rta,nlh)	RTA_OK(rta,NLMSG_DATAEND(nlh))
> 
> 
> Could you try if this fixes it?

I'm still waiting to hear whether this fixed it.

> You will probably need to 'make clean' or at least force recompilation
> of src/network/{getifaddrs,if_nameindex,netlink}.c as the netlink.h
> dependency is not picked up by the makefile automatically.
> 
> @dalias, if the above looks good to you, I am happy to submit properly
> formatted git patch for it.

I don't see anything obvious wrong with the proposed patch, but it
would be nice to have a better understanding of why it's needed and
whether this is a workaround for a kernel bug (present in which
kernels?) or something else.

Rich