Bug 483790

Summary: [IPV6] Fix the return value of get destination options with NULL data
Product: Red Hat Enterprise Linux 5
Component: kernel
Version: 5.3
Hardware: All
OS: Linux
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Target Milestone: rc
Reporter: Dave Maley <dmaley>
Assignee: Jiri Pirko <jpirko>
QA Contact: Red Hat Kernel QE team <kernel-qe>
CC: anton, cward, davem, dzickus, emcnabb, mgahagan, nhorman, qcai, rkhan, tao, tgraf
Doc Type: Bug Fix
Last Closed: 2009-09-02 08:48:46 UTC
Attachments: reproducer (flags: none); patch provided by partner (flags: none)

Description Dave Maley 2009-02-03 16:41:54 UTC
Description of problem:
The kernel returns 0 when getsockopt() is used with option 'IPV6_DSTOPTS' but optval is set to NULL.

When getsockopt() is used with option 'IPV6_DSTOPTS' but optval is set to NULL, the kernel should return an error rather than 0.


Version-Release number of selected component (if applicable):
2.6.18-128.EL


How reproducible:
every time


Steps to Reproduce:
(see attached reproducer)
1. # gcc -o dstopt-5 dstopt-5.c
2. # ./dstopt-5


Actual Results:
Kernel returns 0

Reproducer program log:
# ./dstopt-5
== create an IPv6 socket ==
== set Destination options header. optlen: 8 ==
== get Destination options header with NULL data pointer ==
getsockopt() return: 0
ERROR: success to get IPV6_DSTOPTS with NULL data pointer
<=====NG=====>


Expected Results:
Kernel returns error EFAULT


Additional Info:
option 'IPV6_HOPOPTS' has the same problem.

The reproduction program:
  dstopt-5.c

The patch file is attached:
  file: net-fix-return-value-of-getsockopt.patch

This patch has already been applied to the community's kernel.


commit 05335c2220c4911b69cb1bdd79e603ab08088372
Author: Yang Hongyang <yanghy.com>
Date:   Wed May 28 16:23:47 2008 +0800

   [IPV6]: Fix the return value of get destination options with NULL data
  
   If we pass NULL data buffer to getsockopt(), it will return 0,
   and the option length is set to -EFAULT:
       getsockopt(sk, IPPROTO_IPV6, IPV6_DSTOPTS, NULL, &len);
  
   This is because ipv6_getsockopt_sticky() will return -EFAULT or
   -EINVAL if some error occurs.
  
   This patch fixes this problem.
  
   Signed-off-by: Yang Hongyang <yanghy.com>
   Signed-off-by: YOSHIFUJI Hideaki <yoshfuji>

diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index 56d55fe..aa7bedf 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -975,6 +975,9 @@ static int do_ipv6_getsockopt(struct sock *sk, int lev
               len = ipv6_getsockopt_sticky(sk, np->opt,
                                            optname, optval, len);
               release_sock(sk);
+               /* check if ipv6_getsockopt_sticky() returns err code */
+               if (len < 0)
+                       return len;
               return put_user(len, optlen);
       }
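
Review bot: The case labels that reach this block are outside the hunk's context, and the report says IPV6_HOPOPTS has the same problem, so please confirm that option goes through the same ipv6_getsockopt_sticky() call (optname is passed straight through) and is therefore covered by the new len < 0 check. Placing the early return after release_sock(sk) is right, since the error path then cannot leave the socket locked. The inline comment only restates the code; it would be more useful if it said that a negative len was previously stored into *optlen by put_user() while the call itself returned 0.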

Comment 1 Dave Maley 2009-02-03 16:44:51 UTC
Created attachment 330750 [details]
reproducer

# gcc -o dstopt-5 dstopt-5.c
# ./dstopt-5
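
Added example (not the attached dstopt-5.c, and not Red Hat's or the upstream author's code): a minimal C check for the behaviour this report describes, covering both IPV6_DSTOPTS and IPV6_HOPOPTS. The verdict names, the classify() and probe() helpers and the 8-byte PadN header are assumptions made for the example; setting these options may need CAP_NET_RAW, in which case the probe reports a skip.

```c
/* Added example: regression probe for getsockopt() with a NULL optval. */
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

enum verdict { V_FIXED, V_BUGGY, V_OTHER, V_SKIP };  /* assumed names */

/* Classify one getsockopt(..., NULL, &len) result.
 * ret/err: return value and errno; before/after: optlen around the call. */
enum verdict classify(int ret, int err, socklen_t before, socklen_t after)
{
    if (ret == -1 && err == EFAULT && after == before)
        return V_FIXED;          /* error reported, optlen left untouched */
    if (ret == 0 && (int)after < 0)
        return V_BUGGY;          /* "success" with -errno stored in optlen */
    return V_OTHER;
}

/* Run the check for one sticky option (IPV6_DSTOPTS or IPV6_HOPOPTS). */
enum verdict probe(int optname)
{
    /* Constructed 8-byte extension header: next hdr 0, ext len 0, PadN(4). */
    unsigned char hdr[8] = { 0, 0, 1, 4, 0, 0, 0, 0 };
    socklen_t len = sizeof(hdr), before = len;
    int s = socket(AF_INET6, SOCK_DGRAM, 0);
    if (s < 0)
        return V_SKIP;           /* no IPv6 support on this host */
    if (setsockopt(s, IPPROTO_IPV6, optname, hdr, sizeof(hdr)) < 0) {
        close(s);
        return V_SKIP;           /* e.g. EPERM without CAP_NET_RAW */
    }
    errno = 0;
    int ret = getsockopt(s, IPPROTO_IPV6, optname, NULL, &len);
    int err = errno;
    close(s);
    return classify(ret, err, before, len);
}

int main(void)
{
    enum verdict d = probe(IPV6_DSTOPTS), h = probe(IPV6_HOPOPTS);
    printf("IPV6_DSTOPTS verdict: %d, IPV6_HOPOPTS verdict: %d\n", d, h);
    return d == V_BUGGY || h == V_BUGGY;   /* non-zero exit on the bug */
}
```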

Comment 2 Dave Maley 2009-02-03 16:47:27 UTC
Created attachment 330751 [details]
patch provided by partner

upstream info:
commit 05335c2220c4911b69cb1bdd79e603ab08088372
Author: Yang Hongyang <yanghy.com>
Date:   Wed May 28 16:23:47 2008 +0800

Comment 5 Don Zickus 2009-03-09 18:55:08 UTC
in kernel-2.6.18-134.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.

Comment 8 Chris Ward 2009-07-03 18:23:04 UTC
~~ Attention - RHEL 5.4 Beta Released! ~~

RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner!

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value.

Questions can be posted to this bug or your customer or partner representative.

Comment 9 Chris Ward 2009-07-10 19:10:22 UTC
~~ Attention Partners - RHEL 5.4 Snapshot 1 Released! ~~

RHEL 5.4 Snapshot 1 has been released on partners.redhat.com. If you have already reported your test results, you can safely ignore this request. Otherwise, please notice that there should be a fix available now that addresses this particular request. Please test and report back your results here, at your earliest convenience. The RHEL 5.4 exception freeze is quickly approaching.

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Do not flip the bug status to VERIFIED. Instead, please set your Partner ID in the Verified field above if you have successfully verified the resolution of this issue. 

Further questions can be directed to your Red Hat Partner Manager or other appropriate customer representative.

Comment 12 errata-xmlrpc 2009-09-02 08:48:46 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-1243.html