From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=X2SUWtJb; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 728175A0619 for ; Sat, 25 Apr 2026 17:31:52 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1777131111; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qL6Lu/7iOGpsYLjSMHFQdk5Z9Vl0MTs+aFJ36f0zgU4=; b=X2SUWtJbFfRXsFrn0IbTwpwxGYdkQNguySBE6Jky2Ysuy3yAkwjdvjISOXpclM7Nt3e7vX jM8dNyp+BI3PqA9RzPNqqbRxpAeYPakpLB5e35YED1bvH+UxaXVG86l00Jtby6DddeZV46 qEATbX2DLKjKoHgEkzhT8ETwzKCowDU= Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-189-_l9yIl9HMF6l3VV6dGS2NQ-1; Sat, 25 Apr 2026 11:31:50 -0400 X-MC-Unique: _l9yIl9HMF6l3VV6dGS2NQ-1 X-Mimecast-MFC-AGG-ID: _l9yIl9HMF6l3VV6dGS2NQ_1777131109 Received: by mail-qt1-f197.google.com with SMTP id d75a77b69052e-50d9a6a853bso114115371cf.0 for ; Sat, 25 Apr 2026 08:31:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777131109; x=1777735909; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qL6Lu/7iOGpsYLjSMHFQdk5Z9Vl0MTs+aFJ36f0zgU4=; b=oOxSlddgnJC5AdxNEEUW3QVoIVR5ZTa53L6OQAVOsa/MC2+WYcgOD4vmN+uWZfQPxv B2JQ571iGR/wtfkeO8i492J7nuRM++mBMfeleN9BgKt0x73ZAblNac0bjwBWZ/s4Hdf1 4v6Pi0y6gz/o+f7nRCVWIZsbFoiLu8dhl8tsiPHzH6qZdBBT4NAY7XjDNrCqLNlpXRRK mkHnL4i4Kvn6P9+ZswIugWUnmPCKnCI0bfL4+ZiEMYQe6L9SoiaVnLO7uUSrUgQj9DQ7 gZCXtjtqOUGXUyTrQyN6PHEJk3j5o0P4Bh1qkrLBJSDsFw/R3jOlsqiGad9S3BcZGDDz cfHA== X-Forwarded-Encrypted: i=1; AFNElJ8pn6Df5O1X+EJ/d1LiOCf7iRiML1BWjyh3wBuOeZo6rPopqiP4lhnQKSUxXvscBocnzdvPVZF+05o=@passt.top X-Gm-Message-State: AOJu0Yy6zLYRtltsRd1O1TE8MQfaT0pHgvEWNc7JGNZpRiien2Skb8f8 2air5chFq+Aj/9dv33F5Igcz5LotWeoPuY8LrQREDwv0Cv00qSZwJYYJKa9wZuelt8fehTayypt TqF9vJcB/JJCXOYrL0IsLZ5kT3On7jY/Xyrj7QyEwbR8xV04gL5kDzA== X-Gm-Gg: AeBDieueBp9fNEDTx29U6qv/Upx/qv5yXoGQ0iCX7H20778SMuqnmPCWSo4u+XJdm8b Rd5kvgtp3ooJTAdpMwl//HrhJUXOGkAd0Keih2ij3XCGx3dls6PM4ChQIa8pl1v2Py1ThogFNdb S9Rx1Cp8ig9t2Xg89hRVI5YCjbR6UGUbz9hrbkAtO8usrbZDAWGd/gbIM5WdqhXu4ivX1rehvvs 9D1eDOdCMAkN7Z7VnutT+KH07hBdLAW+24HA477gqIru8OJeZvE85BoIZrULpaDV80Bbr74EHKY vYeZkjtpXtQOAttvTxky9lTW3tMll6GQJlQk1H2D+K7IC4yPH4Y7mTxQ9OAmm/YwbXKYgQyQvx4 Yma67UCzyp0tJK4KbV5uMLU1h7A8IZdEDohHJgD4PEysD3xWamQJNhvXp/O6wgtEnjqUxucw6sN xKKEZmsvqtAZLpmNe/zxuKSbA= X-Received: by 2002:a05:622a:994:b0:50d:4601:e335 with SMTP id d75a77b69052e-50e36eed29cmr546400601cf.54.1777131109430; Sat, 25 Apr 2026 08:31:49 -0700 (PDT) X-Received: by 2002:a05:622a:994:b0:50d:4601:e335 with SMTP id d75a77b69052e-50e36eed29cmr546400191cf.54.1777131108968; Sat, 25 Apr 2026 08:31:48 -0700 (PDT) Received: from [192.168.2.15] (lnsm4-toronto63-142-116-28-118.internet.virginmobile.ca. [142.116.28.118]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-50e5f5cc439sm160246821cf.17.2026.04.25.08.31.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 25 Apr 2026 08:31:48 -0700 (PDT) Message-ID: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v5 01/18] conf, fwd: Stricter rule checking in fwd_rule_add() To: David Gibson , Stefano Brivio , passt-dev@passt.top References: <20260421062516.2601204-1-david@gibson.dropbear.id.au> <20260421062516.2601204-2-david@gibson.dropbear.id.au> From: Jon Maloy In-Reply-To: <20260421062516.2601204-2-david@gibson.dropbear.id.au> X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: jwXBjQrBHj7FChtbWR-3EDKrURArYYexw6vFBtELXnI_1777131109 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-MailFrom: jmaloy@redhat.com X-Mailman-Rule-Hits: emergency X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved Message-ID-Hash: PP5TWWI2E5CZBVJPABYLUBPWGOJA3H3U X-Message-ID-Hash: PP5TWWI2E5CZBVJPABYLUBPWGOJA3H3U X-Mailman-Approved-At: Mon, 27 Apr 2026 09:47:04 +0200 X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Date: Sat, 25 Apr 2026 15:31:52 X-Original-Date: Sat, 25 Apr 2026 11:31:40 -0400 On 2026-04-21 02:24, David Gibson wrote: > Although fwd_rule_add() performs some sanity checks on the rule it is > given, there are invalid rules we don't check for, assuming that its > callers will do that. > > > diff --git a/fwd.c b/fwd.c > index c7fd1a9d..979c1494 100644 > --- a/fwd.c > +++ b/fwd.c > @@ -367,17 +367,59 @@ int fwd_rule_add(struct fwd_table *fwd, const struct fwd_rule *new) > new->first, new->last); > return -EINVAL; > } > + if (!new->first) { > + warn("Forwarding rule attempts to map from port 0"); > + return -EINVAL; > + } > + if (!new->to || > + (in_port_t)(new->to + new->last - new->first) < new->to) { > + warn("Forwarding rule attempts to map to port 0"); Not strictly true. We are also catching a range overflow case. Maybe "Forwarding rule maps to invalid port number" /jon > + return -EINVAL; > + } > if (new->flags & ~allowed_flags) { > warn("Rule has invalid flags 0x%hhx", > new->flags & ~allowed_flags); > return -EINVAL; > } > - if (new->flags & FWD_DUAL_STACK_ANY && > - !inany_equals(&new->addr, &inany_any6)) { > - char astr[INANY_ADDRSTRLEN]; > + if (new->flags & FWD_DUAL_STACK_ANY) { > + if (!inany_equals(&new->addr, &inany_any6)) { > + char astr[INANY_ADDRSTRLEN]; > > - warn("Dual stack rule has non-wildcard address %s", > - inany_ntop(&new->addr, astr, sizeof(astr))); > + warn("Dual stack rule has non-wildcard address %s", > + inany_ntop(&new->addr, astr, sizeof(astr))); > + return -EINVAL; > + } > + if (!(fwd->caps & FWD_CAP_IPV4)) { > + warn("Dual stack forward, but IPv4 not enabled"); > + return -EINVAL; > + } > + if (!(fwd->caps & FWD_CAP_IPV6)) { > + warn("Dual stack forward, but IPv6 not enabled"); > + return -EINVAL; > + } > + } else { > + if (inany_v4(&new->addr) && !(fwd->caps & FWD_CAP_IPV4)) { > + warn("IPv4 forward, but IPv4 not enabled"); > + return -EINVAL; > + } > + if (!inany_v4(&new->addr) && !(fwd->caps & FWD_CAP_IPV6)) { > + warn("IPv6 forward, but IPv6 not enabled"); > + return -EINVAL; > + } > + } > + if (new->proto == IPPROTO_TCP) { > + if (!(fwd->caps & FWD_CAP_TCP)) { > + warn("Can't add TCP forwarding rule, TCP not enabled"); > + return -EINVAL; > + } > + } else if (new->proto == IPPROTO_UDP) { > + if (!(fwd->caps & FWD_CAP_UDP)) { > + warn("Can't add UDP forwarding rule, UDP not enabled"); > + return -EINVAL; > + } > + } else { > + warn("Unsupported protocol 0x%hhx (%s) for forwarding rule", > + new->proto, ipproto_name(new->proto)); > return -EINVAL; > } >