Ubuntu
frr package

  1. Bug #1959896
  2. Activity log

Activity log for bug #1959896

Date Who What changed Old value New value Message
2022-02-03 12:37:05 Andreas Hasenack bug added bug
2022-03-21 20:59:52 Andreas Hasenack frr (Ubuntu): status In Progress New
2022-03-21 20:59:54 Andreas Hasenack frr (Ubuntu): assignee Andreas Hasenack (ahasenack)
2022-03-22 12:34:24 Lucas Kanashiro bug added subscriber Ubuntu Server
2023-08-07 12:22:28 Miriam España Acebal nominated for series Ubuntu Mantic
2023-08-07 12:22:28 Miriam España Acebal bug task added frr (Ubuntu Mantic)
2023-08-07 12:22:28 Miriam España Acebal nominated for series Ubuntu Lunar
2023-08-07 12:22:28 Miriam España Acebal bug task added frr (Ubuntu Lunar)
2023-08-07 12:24:15 Miriam España Acebal frr (Ubuntu Lunar): status New Fix Released
2023-08-07 12:24:24 Miriam España Acebal frr (Ubuntu Mantic): status New Fix Released
2023-08-07 12:27:04 Miriam España Acebal nominated for series Ubuntu Jammy
2023-08-07 12:27:04 Miriam España Acebal bug task added frr (Ubuntu Jammy)
2023-08-23 15:45:39 Michał Małoszewski frr (Ubuntu Jammy): assignee Michał Małoszewski (michal-maloszewski99)
2023-08-23 15:45:45 Michał Małoszewski frr (Ubuntu Jammy): status New In Progress
2023-08-28 12:37:32 Michał Małoszewski tags server-todo
2023-08-28 14:02:08 Launchpad Janitor merge proposal linked https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/frr/+git/frr/+merge/450054
2023-08-28 14:31:24 Michał Małoszewski description This was flagged in the MIR[1] review for frr. There is an incorrect strncmp() usage in the code that was flagged by gcc: bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread] 60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias)) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread] 43 | return (strncmp(ca1->community, ca2->community, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 44 | sizeof(struct community_alias)) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I filed an upstream bug[2], and it was fixed[3]. 1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834 2. https://github.com/FRRouting/frr/issues/10484 3. https://github.com/FRRouting/frr/pull/10485 [Impact] * Users of frr reported warning while building frr 8.1 with -Wstringop-overread. * This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions. [Test Plan] $ lxc launch ubuntu:22.04 jammy-frr $ lxc shell jammy-frr 1. Install frr: # apt install frr 2. Download frr 8.1 and unzip it. 3. Enter frr 8.1 after unzipping it. 4. Install dependencies: # apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev 5. Add FRR user and groups: # groupadd -r -g 92 frr # groupadd -r -g 85 frrvty # adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr # usermod -a -G frrvty frr 6. #./bootstrap.sh 7. #./configure 8. # make -Wstringop-overread Example of failed output: CC bgpd/bgp_community_alias.o bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread] 60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias)) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread] 43 | return (strncmp(ca1->community, ca2->community, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 44 | sizeof(struct community_alias)) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Example of successful output: No warnings for strncmp usage during building frr 8.1. [Where problems could occur] * The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that. ---------------------------------original report-------------------------- This was flagged in the MIR[1] review for frr. There is an incorrect strncmp() usage in the code that was flagged by gcc: bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]    60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]    43 | return (strncmp(ca1->community, ca2->community,       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    44 | sizeof(struct community_alias))       | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I filed an upstream bug[2], and it was fixed[3]. 1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834 2. https://github.com/FRRouting/frr/issues/10484 3. https://github.com/FRRouting/frr/pull/10485
2023-08-28 14:32:28 Michał Małoszewski description [Impact] * Users of frr reported warning while building frr 8.1 with -Wstringop-overread. * This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions. [Test Plan] $ lxc launch ubuntu:22.04 jammy-frr $ lxc shell jammy-frr 1. Install frr: # apt install frr 2. Download frr 8.1 and unzip it. 3. Enter frr 8.1 after unzipping it. 4. Install dependencies: # apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev 5. Add FRR user and groups: # groupadd -r -g 92 frr # groupadd -r -g 85 frrvty # adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr # usermod -a -G frrvty frr 6. #./bootstrap.sh 7. #./configure 8. # make -Wstringop-overread Example of failed output: CC bgpd/bgp_community_alias.o bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread] 60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias)) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread] 43 | return (strncmp(ca1->community, ca2->community, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 44 | sizeof(struct community_alias)) | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Example of successful output: No warnings for strncmp usage during building frr 8.1. [Where problems could occur] * The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that. ---------------------------------original report-------------------------- This was flagged in the MIR[1] review for frr. There is an incorrect strncmp() usage in the code that was flagged by gcc: bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]    60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]    43 | return (strncmp(ca1->community, ca2->community,       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    44 | sizeof(struct community_alias))       | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I filed an upstream bug[2], and it was fixed[3]. 1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834 2. https://github.com/FRRouting/frr/issues/10484 3. https://github.com/FRRouting/frr/pull/10485 [Impact] * Users of frr reported warnings while building frr 8.1 with -Wstringop-overread. * This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions. [Test Plan] $ lxc launch ubuntu:22.04 jammy-frr $ lxc shell jammy-frr 1. Install frr: # apt install frr 2. Download frr 8.1 and unzip it. 3. Enter frr 8.1 after unzipping it. 4. Install dependencies: # apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev 5. Add FRR user and groups: # groupadd -r -g 92 frr # groupadd -r -g 85 frrvty # adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr # usermod -a -G frrvty frr 6. #./bootstrap.sh 7. #./configure 8. # make -Wstringop-overread Example of failed output:   CC bgpd/bgp_community_alias.o bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]    60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]    43 | return (strncmp(ca1->community, ca2->community,       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    44 | sizeof(struct community_alias))       | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Example of successful output: No warnings for strncmp usage during building frr 8.1. [Where problems could occur] * The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that. ---------------------------------original report-------------------------- This was flagged in the MIR[1] review for frr. There is an incorrect strncmp() usage in the code that was flagged by gcc: bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]    60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]    43 | return (strncmp(ca1->community, ca2->community,       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    44 | sizeof(struct community_alias))       | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I filed an upstream bug[2], and it was fixed[3]. 1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834 2. https://github.com/FRRouting/frr/issues/10484 3. https://github.com/FRRouting/frr/pull/10485
2023-08-28 18:45:41 Steve Langasek frr (Ubuntu Jammy): status In Progress Incomplete
2023-08-28 19:51:58 Steve Langasek bug added subscriber Steve Langasek
2023-08-28 20:04:29 Michał Małoszewski tags server-todo
2023-09-01 18:09:41 Michał Małoszewski frr (Ubuntu Jammy): status Incomplete Won't Fix
2023-09-01 18:09:50 Michał Małoszewski frr (Ubuntu Jammy): assignee Michał Małoszewski (michal-maloszewski99)