2022-02-03 12:37:05 |
Andreas Hasenack |
bug |
|
|
added bug |
2022-03-21 20:59:52 |
Andreas Hasenack |
frr (Ubuntu): status |
In Progress |
New |
|
2022-03-21 20:59:54 |
Andreas Hasenack |
frr (Ubuntu): assignee |
Andreas Hasenack (ahasenack) |
|
|
2022-03-22 12:34:24 |
Lucas Kanashiro |
bug |
|
|
added subscriber Ubuntu Server |
2023-08-07 12:22:28 |
Miriam España Acebal |
nominated for series |
|
Ubuntu Mantic |
|
2023-08-07 12:22:28 |
Miriam España Acebal |
bug task added |
|
frr (Ubuntu Mantic) |
|
2023-08-07 12:22:28 |
Miriam España Acebal |
nominated for series |
|
Ubuntu Lunar |
|
2023-08-07 12:22:28 |
Miriam España Acebal |
bug task added |
|
frr (Ubuntu Lunar) |
|
2023-08-07 12:24:15 |
Miriam España Acebal |
frr (Ubuntu Lunar): status |
New |
Fix Released |
|
2023-08-07 12:24:24 |
Miriam España Acebal |
frr (Ubuntu Mantic): status |
New |
Fix Released |
|
2023-08-07 12:27:04 |
Miriam España Acebal |
nominated for series |
|
Ubuntu Jammy |
|
2023-08-07 12:27:04 |
Miriam España Acebal |
bug task added |
|
frr (Ubuntu Jammy) |
|
2023-08-23 15:45:39 |
Michał Małoszewski |
frr (Ubuntu Jammy): assignee |
|
Michał Małoszewski (michal-maloszewski99) |
|
2023-08-23 15:45:45 |
Michał Małoszewski |
frr (Ubuntu Jammy): status |
New |
In Progress |
|
2023-08-28 12:37:32 |
Michał Małoszewski |
tags |
|
server-todo |
|
2023-08-28 14:02:08 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~michal-maloszewski99/ubuntu/+source/frr/+git/frr/+merge/450054 |
|
2023-08-28 14:31:24 |
Michał Małoszewski |
description |
This was flagged in the MIR[1] review for frr.
There is an incorrect strncmp() usage in the code that was flagged by gcc:
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I filed an upstream bug[2], and it was fixed[3].
1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834
2. https://github.com/FRRouting/frr/issues/10484
3. https://github.com/FRRouting/frr/pull/10485 |
[Impact]
* Users of frr reported warning while building frr 8.1 with -Wstringop-overread.
* This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions.
[Test Plan]
$ lxc launch ubuntu:22.04 jammy-frr
$ lxc shell jammy-frr
1. Install frr:
# apt install frr
2. Download frr 8.1 and unzip it.
3. Enter frr 8.1 after unzipping it.
4. Install dependencies:
# apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev
5. Add FRR user and groups:
# groupadd -r -g 92 frr
# groupadd -r -g 85 frrvty
# adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr
# usermod -a -G frrvty frr
6. #./bootstrap.sh
7. #./configure
8. # make -Wstringop-overread
Example of failed output:
CC bgpd/bgp_community_alias.o
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Example of successful output:
No warnings for strncmp usage during building frr 8.1.
[Where problems could occur]
* The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that.
---------------------------------original report--------------------------
This was flagged in the MIR[1] review for frr.
There is an incorrect strncmp() usage in the code that was flagged by gcc:
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I filed an upstream bug[2], and it was fixed[3].
1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834
2. https://github.com/FRRouting/frr/issues/10484
3. https://github.com/FRRouting/frr/pull/10485 |
|
2023-08-28 14:32:28 |
Michał Małoszewski |
description |
[Impact]
* Users of frr reported warning while building frr 8.1 with -Wstringop-overread.
* This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions.
[Test Plan]
$ lxc launch ubuntu:22.04 jammy-frr
$ lxc shell jammy-frr
1. Install frr:
# apt install frr
2. Download frr 8.1 and unzip it.
3. Enter frr 8.1 after unzipping it.
4. Install dependencies:
# apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev
5. Add FRR user and groups:
# groupadd -r -g 92 frr
# groupadd -r -g 85 frrvty
# adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr
# usermod -a -G frrvty frr
6. #./bootstrap.sh
7. #./configure
8. # make -Wstringop-overread
Example of failed output:
CC bgpd/bgp_community_alias.o
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Example of successful output:
No warnings for strncmp usage during building frr 8.1.
[Where problems could occur]
* The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that.
---------------------------------original report--------------------------
This was flagged in the MIR[1] review for frr.
There is an incorrect strncmp() usage in the code that was flagged by gcc:
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I filed an upstream bug[2], and it was fixed[3].
1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834
2. https://github.com/FRRouting/frr/issues/10484
3. https://github.com/FRRouting/frr/pull/10485 |
[Impact]
* Users of frr reported warnings while building frr 8.1 with -Wstringop-overread.
* This crash is caused because the size parameter should be the size of the specific struct member that is being compared, alias and community, and not the whole struct. The fix is to get rid of sizeof(struct community_alias) in bgp_ca_alias_hash_key and bgp_ca_community_hash_cmp functions.
[Test Plan]
$ lxc launch ubuntu:22.04 jammy-frr
$ lxc shell jammy-frr
1. Install frr:
# apt install frr
2. Download frr 8.1 and unzip it.
3. Enter frr 8.1 after unzipping it.
4. Install dependencies:
# apt install -y autoconf automake libtool make gawk libreadline-dev texinfo pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest protobuf-c-compiler libprotobuf-c-dev libelf-dev pkg-config bison flex libc-ares-dev python3-dev python3-sphinx install-info build-essential libsnmp-dev perl libcap-dev python2 libunwind-dev libyang2 libyang2-dev
5. Add FRR user and groups:
# groupadd -r -g 92 frr
# groupadd -r -g 85 frrvty
# adduser --system --ingroup frr --home /var/run/frr/ --gecos "FRR suite" --shell /sbin/nologin frr
# usermod -a -G frrvty frr
6. #./bootstrap.sh
7. #./configure
8. # make -Wstringop-overread
Example of failed output:
CC bgpd/bgp_community_alias.o
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Example of successful output:
No warnings for strncmp usage during building frr 8.1.
[Where problems could occur]
* The patch itself modifies only the bgp_community_alias.c and BGP community aliases are useful to quickly identify what communities are set for a specific prefix in a human-readable format, so regressions should be limited to that.
---------------------------------original report--------------------------
This was flagged in the MIR[1] review for frr.
There is an incorrect strncmp() usage in the code that was flagged by gcc:
bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’:
bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread]
60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’:
bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread]
43 | return (strncmp(ca1->community, ca2->community,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
44 | sizeof(struct community_alias))
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I filed an upstream bug[2], and it was fixed[3].
1. https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834
2. https://github.com/FRRouting/frr/issues/10484
3. https://github.com/FRRouting/frr/pull/10485 |
|
2023-08-28 18:45:41 |
Steve Langasek |
frr (Ubuntu Jammy): status |
In Progress |
Incomplete |
|
2023-08-28 19:51:58 |
Steve Langasek |
bug |
|
|
added subscriber Steve Langasek |
2023-08-28 20:04:29 |
Michał Małoszewski |
tags |
server-todo |
|
|
2023-09-01 18:09:41 |
Michał Małoszewski |
frr (Ubuntu Jammy): status |
Incomplete |
Won't Fix |
|
2023-09-01 18:09:50 |
Michał Małoszewski |
frr (Ubuntu Jammy): assignee |
Michał Małoszewski (michal-maloszewski99) |
|
|