85 lines
3.0 KiB
Diff
85 lines
3.0 KiB
Diff
From e64dc10ea1d5be38681191d9f4d2aa9018ab59dc Mon Sep 17 00:00:00 2001
|
|
From: Masatake YAMATO <yamato@redhat.com>
|
|
Date: Sun, 4 Oct 2020 03:50:26 +0900
|
|
Subject: [PATCH] [linux] handle ffff:ffff in ipv6 addr correctly
|
|
|
|
Close #102
|
|
Close #109
|
|
|
|
The listen address and port of an AF_INET6 socket were not display if
|
|
the socket listened at an ipv6 address including ffff:ffff.
|
|
|
|
Here is a command session demonstrating the bug:
|
|
|
|
# ip -6 addr add abcd:ef10:ffff:ffff:ffff:ffff:ffff:ff62 dev lo
|
|
# nc -6 -l abcd:ef10:ffff:ffff:ffff:ffff:ffff:ff62 8888 &
|
|
[1] 6762
|
|
# ./lsof -p 6762 -a -d fd -P -n
|
|
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
|
|
nc 6762 yamato 0u CHR 136,6 0t0 9 /dev/pts/6
|
|
nc 6762 yamato 1u CHR 136,6 0t0 9 /dev/pts/6
|
|
nc 6762 yamato 2u CHR 136,6 0t0 9 /dev/pts/6
|
|
nc 6762 yamato 3u sock 0,9 0t0 5833594 protocol: TCPv6
|
|
|
|
The last line should be:
|
|
|
|
nc 6762 yamato 3u IPv6 5833594 0t0 TCP [abcd:ef10:ffff:ffff:ffff:ffff:ffff:ff62]:8888 (LISTEN)
|
|
|
|
The original code decoding an ipv6 address uses UINT32_MAX constant
|
|
incorrect way.
|
|
|
|
@zhrf2020 reported this bug in #102.
|
|
The test case is based on the report.
|
|
|
|
@zhrf2020 provided the initial version of fix, #109.
|
|
This change is based on the version.
|
|
---
|
|
dialects/linux/dsock.c | 33 ++++++++++++-
|
|
1 files changed, 31 insertions(+), 2 deletions(-)
|
|
diff --git a/dialects/linux/dsock.c b/dialects/linux/dsock.c
|
|
index 4b71460..0aaaf6d 100644
|
|
--- a/dialects/linux/dsock.c
|
|
+++ b/dialects/linux/dsock.c
|
|
@@ -3632,9 +3632,38 @@ net6a2in6(as, ad)
|
|
(void) strncpy(buf, as, 8);
|
|
buf[8] = '\0';
|
|
ep = (char *)NULL;
|
|
- if ((ad->s6_addr32[i] = (uint32_t)strtoul(buf, &ep, 16))
|
|
- == (uint32_t)UINT32_MAX || !ep || *ep)
|
|
+
|
|
+ errno = 0;
|
|
+ unsigned long ul_addr = strtoul(buf, &ep, 16);
|
|
+ if (!ep || *ep)
|
|
+ break;
|
|
+ else if (ul_addr == ULONG_MAX && errno == ERANGE)
|
|
+ {
|
|
+ /* Quoted from strtoul(3)
|
|
+ ---------------------------------------------------
|
|
+ The strtoul() function returns either the result of
|
|
+ the conversion or, if there was a leading minus
|
|
+ sign, the negation of the result of the conversion
|
|
+ represented as an unsigned value, unless the
|
|
+ original (nonnegated) value would overflow; in the
|
|
+ latter case, strtoul() returns ULONG_MAX and sets
|
|
+ errno to ERANGE.
|
|
+ ---------------------------------------------------
|
|
+ NOTE: even if the value doesn't overflow, a
|
|
+ negative is not acceptable. */
|
|
break;
|
|
+ }
|
|
+ else if (ul_addr > (unsigned long)UINT32_MAX)
|
|
+ {
|
|
+ /* This will never happen:
|
|
+ The maximum length of BUF is 8 characters.
|
|
+ The possible maximum value represented by BUF is
|
|
+ "FFFFFFFF". This is UINT32_MAX.
|
|
+ If you agree with what I write here, make a pull
|
|
+ request for removing this block. */
|
|
+ break;
|
|
+ }
|
|
+ ad->s6_addr32[i] = (uint32_t)ul_addr;
|
|
}
|
|
return((*as || (i != 4) || len) ? 1 : 0);
|
|
}
|
|
|