From: Christian Marangi Date: Tue, 19 Mar 2024 10:40:36 +0000 (+0100) Subject: libpfring: backport patch fixing compilation error for sa_data X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=1e6a030d690d070945c785e23b7d445248f4aba3;p=feed%2Fpackages.git libpfring: backport patch fixing compilation error for sa_data Backport patch fixing compilation error for sa_data not well defined. This is triggered only on platform that makes use of fortify string and cause compilation error due to the fact that sa_data is not well defined and his size is arbitrary. Patch has been accepted in the PF_RING project and this is just a backport. Signed-off-by: Christian Marangi (cherry picked from commit c3a50a9fac8f9d8665f8b012abd85bb9e461e865) --- diff --git a/libs/libpfring/Makefile b/libs/libpfring/Makefile index 0ef774b79b..1083d6ec78 100644 --- a/libs/libpfring/Makefile +++ b/libs/libpfring/Makefile @@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=libpfring PKG_VERSION:=8.4.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ntop/PF_RING/tar.gz/$(PKG_VERSION)? diff --git a/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch b/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch new file mode 100644 index 0000000000..7c27515f4c --- /dev/null +++ b/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch @@ -0,0 +1,72 @@ +From fae2437c2af80d3ea64f5bc9678a5b697772295b Mon Sep 17 00:00:00 2001 +From: Christian Marangi +Date: Mon, 18 Mar 2024 10:03:43 +0100 +Subject: [PATCH] kernel: pf_ring: better define sa_data size + +pfring_mod_bind() needs to specify the interface +name using struct sockaddr that is defined as + +struct sockaddr { ushort sa_family; char sa_data[14]; }; + +so the total interface name length is 13 chars (plus \0 trailer). + +Since sa_data size is arbitrary, define a more precise size for +PF_RING socket use. + +This fix some compilation error with fortify string and makes the array +handling more deterministic. + +Signed-off-by: Christian Marangi +--- + kernel/pf_ring.c | 22 ++++++++++++++++++---- + 1 file changed, 18 insertions(+), 4 deletions(-) + +--- a/kernel/pf_ring.c ++++ b/kernel/pf_ring.c +@@ -155,6 +155,18 @@ + #endif + #endif + ++/* ++ pfring_mod_bind() needs to specify the interface ++ name using struct sockaddr that is defined as ++ ++ struct sockaddr { ushort sa_family; char sa_data[14]; }; ++ ++ so the total interface name length is 13 chars (plus \0 trailer). ++ Since sa_data size is arbitrary, define a more precise size for ++ PF_RING socket use. ++*/ ++#define RING_SA_DATA_LEN 14 ++ + /* ************************************************* */ + + #if(LINUX_VERSION_CODE >= KERNEL_VERSION(5,6,0)) +@@ -1029,7 +1041,7 @@ pf_ring_device *pf_ring_device_name_look + so the total interface name length is 13 chars (plus \0 trailer). + The check below is to trap this case. + */ +- || ((l >= 13) && (strncmp(dev_ptr->device_name, name, 13) == 0))) ++ || ((l >= RING_SA_DATA_LEN - 1) && (strncmp(dev_ptr->device_name, name, RING_SA_DATA_LEN - 1) == 0))) + && device_net_eq(dev_ptr, net)) + return dev_ptr; + } +@@ -5571,15 +5583,15 @@ static int ring_bind(struct socket *sock + * Check legality + */ + if (addr_len == sizeof(struct sockaddr)) { +- char name[sizeof(sa->sa_data)+1]; ++ char name[RING_SA_DATA_LEN]; + + if (sa->sa_family != PF_RING) + return(-EINVAL); + +- memcpy(name, sa->sa_data, sizeof(sa->sa_data)); ++ memcpy(name, sa->sa_data, RING_SA_DATA_LEN - 1); + + /* Add trailing zero if missing */ +- name[sizeof(name)-1] = '\0'; ++ name[RING_SA_DATA_LEN-1] = '\0'; + + debug_printk(2, "searching device %s\n", name); +