From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202502 header.b=kKgbb5uo;
	dkim-atps=neutral
Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id B67395A026F
	for <passt-dev@passt.top>; Wed, 02 Apr 2025 06:51:28 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202502; t=1743569479;
	bh=kP6DdJyqICvpXSSH0ScyMXdYxC2p/6d2DaRpQoczceI=;
	h=From:To:Cc:Subject:Date:From;
	b=kKgbb5uoNIB+SBXViaEVn0ZGUmcdZzUxWufLAzhuUZUm5NGxH5P7jTbAbOyq7UkiA
	 b9lJbFkhQzjAnQTAus92y89VnpQe9ZY1zYrnuyeOOIsDjPJaFBK3JhogG8FPbg8yY1
	 z/YFSet/J7fDyhma0wxFg1LJM+jfWMlF6KSkYt9HONJsUeFFL9OCv3BiaFbfWmp7lD
	 RPudkcIcqYWcPue5fF8rz/TbCBlN6bSlQYuSzu/go5m8LSsANi+41SwbVlgPqjfemr
	 J2p2VvOOJV/npIVIlKxrT29TDL+ev9vegEnICvoSWKdUexlZqP5bW8YMaR8QD1q6b8
	 DLCUQoHpTbO+w==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4ZSCBH0YBFz4x1w; Wed,  2 Apr 2025 15:51:19 +1100 (AEDT)
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>,
	passt-dev@passt.top
Subject: [PATCH] passt-repair: Correct off-by-one error verifying name
Date: Wed,  2 Apr 2025 15:43:40 +1100
Message-ID: <20250402044340.4100555-1-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.49.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: KQ3HQR7QBFKGXHV23D4NOAS2ZEA5Z2CH
X-Message-ID-Hash: KQ3HQR7QBFKGXHV23D4NOAS2ZEA5Z2CH
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20250402044340.4100555-1-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/KQ3HQR7QBFKGXHV23D4NOAS2ZEA5Z2CH/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

passt-repair will generate an error if the name it gets from the kernel is
too long or not NUL terminated.  Downstream testing has reported
occasionally seeing this error in practice.

In turns out there is a trivial off-by-one error in the check: ev->len is
the length of the name, including terminating \0 characters, so to check
for a \0 at the end of the buffer we need to check ev->name[len - 1] not
ev->name[len].

Fixes: 42a854a52 ("pasta, passt-repair: Support multiple events per...")

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 passt-repair.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/passt-repair.c b/passt-repair.c
index 86f02934..440c77ae 100644
--- a/passt-repair.c
+++ b/passt-repair.c
@@ -157,7 +157,7 @@ int main(int argc, char **argv)
 			}
 		} while (!found);
 
-		if (ev->len > NAME_MAX + 1 || ev->name[ev->len] != '\0') {
+		if (ev->len > NAME_MAX + 1 || ev->name[ev->len - 1] != '\0') {
 			fprintf(stderr, "Invalid filename from inotify\n");
 			_exit(1);
 		}
-- 
2.49.0