changeset 13740:836bfdf31fc4

2724 snoop contains few problems with accessing uninitialized data Reviewed by: Darren Reed <darrenr@fastmail.net> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Gordon Ross <gwr@nexenta.com>
author Milan Jurik <milan.jurik@xylab.cz>
date Tue, 05 Jun 2012 18:33:58 +0200
parents f6a4c9dc9b80
children 1e57a183c0e9
files usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_capture.c usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_filter.c usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_ip.c usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_pf.c usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_rpcsec.c
diffstat 5 files changed, 57 insertions(+), 51 deletions(-) [+]
--- a/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_capture.c	Fri Jun 22 11:22:18 2012 -0400
+++ b/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_capture.c	Tue Jun 05 18:33:58 2012 +0200
@@ -21,6 +21,7 @@
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
  */
 
 #include <stdio.h>
@@ -603,7 +604,8 @@
 {
 	struct stat st;
 	int cap_vers;
-	int *word, device_mac_type;
+	int *word;
+	int device_mac_type = -1;
 	int capfile_in;
 
 	capfile_in = open(name, O_RDONLY);
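Review bot: The new `int device_mac_type = -1;` initialiser gives the variable a defined value, but the hunk does not show where that sentinel is checked once the capture-file header records have been read; if the file carries no MAC-type record the function presumably continues with -1 instead of rejecting the file. A comment at the declaration would make the contract explicit, e.g. `int device_mac_type = -1;	/* -1 until a MAC-type record is read */`, and the later consumer should be confirmed to treat -1 as "not present". The enclosing function's signature and the rest of its body lie outside the hunk.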
--- a/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_filter.c	Fri Jun 22 11:22:18 2012 -0400
+++ b/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_filter.c	Tue Jun 05 18:33:58 2012 +0200
@@ -21,6 +21,7 @@
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
  */
 
 #include <stdio.h>
@@ -1049,10 +1050,8 @@
 static void
 compare_value_zone(uint_t offset, uint32_t val)
 {
-	int i;
-
-	load_const(ntohl(((uint32_t *)&val)[i]));
-	load_value(offset + i * 4, 4);
+	load_const(ntohl(val));
+	load_value(offset, 4);
 	emitop(OP_EQ);
 }
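Review bot: compare_value_zone has no header comment, and the corrected body is small enough that its contract is easy to state; I would add `/* Emit code comparing the 32-bit word at offset with val (ntohl() suggests val arrives in network byte order). */` above the definition. The function is fully visible here and the rewrite removes the uninitialised index, so the body itself needs no further change.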
 
@@ -1582,6 +1581,9 @@
 		}
 	}
 
+	if (hp == NULL)
+		return;
+
 	switch (which) {
 	case TO:
 		addr4offset = IPV4_DSTADDR_OFFSET;
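Review bot: The added `if (hp == NULL) return;` makes the function emit no filter code at all for this primitive when the lookup produced no host entry, and the hunk does not show whether the failed lookup was already reported to the user (the lookup and its error branches precede the hunk). If those branches report via pr_err() this is fine; otherwise the silent return deserves either an explicit error or a comment such as `/* no host entry: nothing to match on, failure already reported */`. The same early return is added in snoop_pf.c (@@ -688), and in both files the enclosing function starts and ends outside the hunk.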
@@ -1600,7 +1602,7 @@
 	/*
 	 * The code below generates the filter.
 	 */
-	if (hp != NULL && hp->h_addrtype == AF_INET) {
+	if (hp->h_addrtype == AF_INET) {
 		ethertype_match(interface->network_type_ip);
 		emitop(OP_BRFL);
 		n = chain(n);
--- a/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_ip.c	Fri Jun 22 11:22:18 2012 -0400
+++ b/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_ip.c	Tue Jun 05 18:33:58 2012 +0200
@@ -21,6 +21,7 @@
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
  */
 
 #include <stdio.h>
@@ -1205,7 +1206,7 @@
 	 * Display Classification Level
 	 */
 	ripso_class = get_pair_byval(ripso_class_tbl, (int)opt[2]);
-	if (ripso_class != NULL)
+	if (ripso_class == NULL)
 		(void) snprintf(get_line(0, 0), get_line_remain(),
 		    "Classification = Unknown (0x%02x)", opt[2]);
 	else
--- a/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_pf.c	Fri Jun 22 11:22:18 2012 -0400
+++ b/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_pf.c	Tue Jun 05 18:33:58 2012 +0200
@@ -21,6 +21,7 @@
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
  */
 
 #include <stdio.h>
@@ -688,6 +689,9 @@
 		pr_err("unknown token type: %s", hostname);
 	}
 
+	if (hp == NULL)
+		return;
+
 	switch (which) {
 	case TO:
 		addr4offset = IPV4_DSTADDR_OFFSET;
@@ -703,7 +707,7 @@
 		break;
 	}
 
-	if (hp != NULL && hp->h_addrtype == AF_INET) {
+	if (hp->h_addrtype == AF_INET) {
 		pf_matchfn("ip");
 		if (dl.dl_type == DL_ETHER)
 			pf_check_vlan_tag(ENCAP_ETHERTYPE_OFF/2);
@@ -809,9 +813,7 @@
 		}
 	}
 
-	if (hp != NULL) {
-		freehostent(hp);
-	}
+	freehostent(hp);
 }
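Review bot: Dropping the NULL guard before `freehostent(hp)` is only safe if every path from the early return added at @@ -688 to this point leaves hp non-NULL; the body between the two hunks is not visible, so any reassignment of hp there would turn this call into freehostent(NULL). A short comment would document the reliance, e.g. `freehostent(hp);	/* hp != NULL: the NULL case returned early above */`. The enclosing function starts outside the hunk.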
 
 
--- a/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_rpcsec.c	Fri Jun 22 11:22:18 2012 -0400
+++ b/usr/src/cmd/cmd-inet/usr.sbin/snoop/snoop_rpcsec.c	Tue Jun 05 18:33:58 2012 +0200
@@ -22,10 +22,9 @@
 /*
  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2012 Milan Jurik. All rights reserved.
  */
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #include <sys/types.h>
 #include <sys/errno.h>
 #include <sys/tiuser.h>
@@ -105,15 +104,15 @@
 	rpcsec_gss_service    = getxdr_enum();
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-		"   version = %u",  rpcsec_gss_ver);
+	    "   version = %u",  rpcsec_gss_ver);
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-		"   gss control procedure = %u (%s)",
-		rpcsec_gss_proc,
-		rpcsec_gss_proc_to_string(rpcsec_gss_proc));
+	    "   gss control procedure = %u (%s)",
+	    rpcsec_gss_proc,
+	    rpcsec_gss_proc_to_string(rpcsec_gss_proc));
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-		"   sequence num = %u", seq_num);
+	    "   sequence num = %u", seq_num);
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
 	    "   service = %d (%s)", rpcsec_gss_service,
@@ -123,7 +122,7 @@
 	handle = getxdr_hex(handle_len);
 	line = get_line(pos, getxdr_pos());
 	sprintf(line, "   handle: length = %d, data = [%s]",
-			handle_len, handle);
+	    handle_len, handle);
 	x = find_xid(xid);
 	if (x) {
 		x->xid_gss_proc    = rpcsec_gss_proc;
@@ -159,11 +158,11 @@
 		seq = getxdr_u_long();
 		if (flags & F_ALLSUM) {
 			(void) sprintf(get_sum_line(), "%s %c seq_num = %u",
-				"RPC RPCSEC_GSS", type == CALL ? 'C' : 'R',
-				seq);
+			    "RPC RPCSEC_GSS", type == CALL ? 'C' : 'R',
+			    seq);
 		} else if (flags & F_DTAIL) {
 			sprintf(get_line(0, 0),
-				"RPCSEC_GSS data seq_num = %u", seq);
+			    "RPCSEC_GSS data seq_num = %u", seq);
 			show_space();
 		}
 		/* call args follow */
@@ -178,21 +177,21 @@
 		}
 
 		if (flags & F_SUM || flags & F_ALLSUM) {
-		    (void) sprintf(get_sum_line(),
-			"%s %c %s ver(%d) proc(%d) (data encrypted) ",
-			"RPC RPCSEC_GSS", type == CALL ? 'C' : 'R',
-			progname, vers, proc);
+			(void) sprintf(get_sum_line(),
+			    "%s %c %s ver(%d) proc(%d) (data encrypted) ",
+			    "RPC RPCSEC_GSS", type == CALL ? 'C' : 'R',
+			    progname, vers, proc);
 		} else if (flags & F_DTAIL) {
-		    unsigned int args_len;
+			unsigned int args_len;
 
-		    args_len = getxdr_u_long();
-		    sprintf(get_line(0, 0),
-			"RPCSEC_GSS %s ver(%d) proc(%d)",
-			progname, vers, proc);
-		    sprintf(get_line(0, 0),
-			"(%s args encrypted, len = %d bytes)",
-			type == CALL ? "CALL" : "REPLY", args_len);
-		    show_space();
+			args_len = getxdr_u_long();
+			sprintf(get_line(0, 0),
+			    "RPCSEC_GSS %s ver(%d) proc(%d)",
+			    progname, vers, proc);
+			sprintf(get_line(0, 0),
+			    "(%s args encrypted, len = %d bytes)",
+			    type == CALL ? "CALL" : "REPLY", args_len);
+			show_space();
 		}
 		}
 		return (1);
@@ -238,7 +237,7 @@
 			checksum_len = getxdr_u_long();
 			checksum = getxdr_hex(checksum_len);
 			sprintf(get_line(0, 0),
-				"checksum: len = %d", checksum_len);
+			    "checksum: len = %d", checksum_len);
 			sprintf(get_line(0, 0), "[%s]", checksum);
 			show_trailer();
 		}
@@ -266,10 +265,10 @@
 		if (flags & F_SUM) {
 			if (type == CALL) {
 				(void) sprintf(get_sum_line(), "%s %c %u (%s)",
-				"RPC RPCSEC_GSS",
-				type == CALL ? 'C' : 'R',
-				x->xid_gss_proc,
-				rpcsec_gss_proc_to_string(x->xid_gss_proc));
+				    "RPC RPCSEC_GSS",
+				    type == CALL ? 'C' : 'R',
+				    x->xid_gss_proc,
+				    rpcsec_gss_proc_to_string(x->xid_gss_proc));
 			}
 		} else if (flags & F_DTAIL) {
 			if (x->xid_gss_proc == RPCSEC_GSS_INIT ||
@@ -330,7 +329,7 @@
 
 	char *token, *line;
 	unsigned int token_len;
-	int pos;
+	int pos = 0;
 
 	/*
 	 *  see if we need to print out the rpc_gss_init_arg structure
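Review bot: `int pos = 0;` removes the uninitialised read, but the first consumer, `get_line(pos, getxdr_pos())` for the "RPCSEC_GSS_INIT args:" header in the next hunk, now describes a byte range starting at offset 0 of the packet; if get_line's first argument is the start of the bytes the line annotates, that range is wider than intended. Initialising from the current decode position, `int pos = getxdr_pos();`, would make the header line an empty range at the current position, consistent with the `pos = getxdr_pos();` assignments later in this function — confirm against get_line's contract. The same `pos = 0` initialiser is introduced at @@ -368 in the next function, where the first use of pos lies between that hunk and @@ -380. Both enclosing functions start outside their hunks.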
@@ -338,21 +337,21 @@
 	 */
 
 	if (x->xid_gss_proc != RPCSEC_GSS_INIT &&
-		x->xid_gss_proc != RPCSEC_GSS_CONTINUE_INIT) {
+	    x->xid_gss_proc != RPCSEC_GSS_CONTINUE_INIT) {
 		return;
 	}
 
 	/* print it */
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-		"RPCSEC_GSS_INIT args:");
+	    "RPCSEC_GSS_INIT args:");
 
 	pos = getxdr_pos();
 	token_len = getxdr_u_long();
 	token = getxdr_hex(token_len);
 	line = get_line(pos, getxdr_pos());
-		sprintf(line, "   gss token: length = %d, data = [%d bytes]",
-			token_len, token_len);
+	sprintf(line, "   gss token: length = %d, data = [%d bytes]",
+	    token_len, token_len);
 
 	show_trailer();
 }
@@ -368,7 +367,7 @@
 	unsigned int token_len, handle_len;
 	unsigned int major, minor, seq_window;
 
-	int pos;
+	int pos = 0;
 	struct cache_struct *x;
 
 	/* print it */
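Review bot: This function's handle line in the following hunk, `sprintf(line, "   handle: length = %d, data = [%s]", handle_len, handle);`, writes a hex string whose length is derived from the packet-supplied `handle_len` into the `get_line()` buffer with an unbounded sprintf; unless getxdr_hex() caps its output below the line buffer size (not visible here), an oversized handle field overruns the buffer. snoop_ip.c in this same changeset shows the bounded idiom the project already uses, `snprintf(get_line(...), get_line_remain(), ...)`, and the same applies to the handle line at @@ -123 and the checksum line at @@ -238 in the earlier functions. The `%d` conversions for the `unsigned int` lengths would also be `%u`. The enclosing function starts outside the hunk.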
@@ -380,25 +379,25 @@
 	handle = getxdr_hex(handle_len);
 	line = get_line(pos, getxdr_pos());
 	sprintf(line, "   handle: length = %d, data = [%s]",
-		handle_len, handle);
+	    handle_len, handle);
 	pos = getxdr_pos();
 	major = getxdr_u_long();
 	minor = getxdr_u_long();
 	seq_window = getxdr_u_long();
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-				"   gss_major status = %u", major);
+	    "   gss_major status = %u", major);
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-				"   gss_minor status = %u", minor);
+	    "   gss_minor status = %u", minor);
 
 	(void) sprintf(get_line(pos, getxdr_pos()),
-				"   sequence window  = %u", seq_window);
+	    "   sequence window  = %u", seq_window);
 	pos = getxdr_pos();
 	token_len = getxdr_u_long();
 	token = getxdr_hex(token_len);
 	line = get_line(pos, getxdr_pos());
 	sprintf(line, "   gss token: length = %d, data = [%d bytes]",
-		token_len, token_len);
+	    token_len, token_len);
 	show_trailer();
 }