Netdev Archive on lore.kernel.org
help / color / mirror / Atom feed
* ethtool 5.8 segfaults when changing settings on a device
@ 2020-08-13 12:25 Hans-Christian Egtvedt (hegtvedt)
2020-08-23 20:16 ` Michal Kubecek
0 siblings, 1 reply; 2+ messages in thread
From: Hans-Christian Egtvedt (hegtvedt) @ 2020-08-13 12:25 UTC (permalink / raw)
To: netdev
Hello,
I am testing ethtool 5.8, and I noticed it segfaulted with the command
ethtool -s eth0 autoneg on
Backtrace as follows:
(gdb) run -s eth0 autoneg on
Starting program: /tmp/ethtool-5.8 -s eth0 autoneg on
Program received signal SIGSEGV, Segmentation fault.
0x0040bef8 in do_sset ()
(gdb) bt
#0 0x0040bef8 in do_sset ()
#1 0x00407d9c in do_ioctl_glinksettings ()
#2 0x00000000 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
I then tested reverting
https://git.kernel.org/pub/scm/network/ethtool/ethtool.git/commit/ethtool.c?id=bef780467fa7aa95dca3ed5cc3ebb8bec5882f08
And the command now passes.
I am running ethtool on top of Linux 4.4.232, hence there is no support
for ETHTOOL_xLINKSETTINGS.
Is the bef780467fa7aa95dca3ed5cc3ebb8bec5882f08 patch not correct, one
should check link_usettings pointer for non-NULL before memset'ing?
Since do_ioctl_glinksettings() will return NULL upon failure, which
matches well with kernels not supporting ETHTOOL_GLINKSETTINGS ioctl.
--
Best regards, Hans-Christian Noren Egtvedt
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: ethtool 5.8 segfaults when changing settings on a device
2020-08-13 12:25 ethtool 5.8 segfaults when changing settings on a device Hans-Christian Egtvedt (hegtvedt)
@ 2020-08-23 20:16 ` Michal Kubecek
0 siblings, 0 replies; 2+ messages in thread
From: Michal Kubecek @ 2020-08-23 20:16 UTC (permalink / raw)
To: Hans-Christian Egtvedt (hegtvedt); +Cc: netdev
On Thu, Aug 13, 2020 at 12:25:22PM +0000, Hans-Christian Egtvedt (hegtvedt) wrote:
> Hello,
>
> I am testing ethtool 5.8, and I noticed it segfaulted with the command
> ethtool -s eth0 autoneg on
>
> Backtrace as follows:
> (gdb) run -s eth0 autoneg on
> Starting program: /tmp/ethtool-5.8 -s eth0 autoneg on
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x0040bef8 in do_sset ()
> (gdb) bt
> #0 0x0040bef8 in do_sset ()
> #1 0x00407d9c in do_ioctl_glinksettings ()
> #2 0x00000000 in ?? ()
> Backtrace stopped: previous frame identical to this frame (corrupt stack?)
>
> I then tested reverting
> https://git.kernel.org/pub/scm/network/ethtool/ethtool.git/commit/ethtool.c?id=bef780467fa7aa95dca3ed5cc3ebb8bec5882f08
>
> And the command now passes.
>
> I am running ethtool on top of Linux 4.4.232, hence there is no support
> for ETHTOOL_xLINKSETTINGS.
>
> Is the bef780467fa7aa95dca3ed5cc3ebb8bec5882f08 patch not correct, one
> should check link_usettings pointer for non-NULL before memset'ing?
>
> Since do_ioctl_glinksettings() will return NULL upon failure, which
> matches well with kernels not supporting ETHTOOL_GLINKSETTINGS ioctl.
Thank you for the report. Reverting commit bef780467fa7 would bring back
the issue it fixed. AFAICS the only problem is indeed the missing null
check which allows dereferencing the pointer returned by
do_ioctl_glinksettings() even if it is null. I didn't realize the
pointer can be null which is rather shameful as there is a null check
right below the inserted memset(). Thus adding the null check (which can
be combined with one that is already there) should be the easiest way to
fix this.
Please feel free to submit the fix.
Michal
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-08-23 20:16 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-13 12:25 ethtool 5.8 segfaults when changing settings on a device Hans-Christian Egtvedt (hegtvedt)
2020-08-23 20:16 ` Michal Kubecek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).