search

jwbensley / Etherate

Linux CLI Ethernet and MPLS Testing Tool
MIT License
176 stars 19 forks source link

Unsafe reference #47

Closed jwbensley closed 6 years ago

jwbensley commented 6 years ago
ISSUE TYPE
VERSION DETAILS
user@R61:~$ uname -a
Linux R61 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

user@R61:~$ cat /etc/redhat-release || lsb_release -a || cat /etc/issue
cat: /etc/redhat-release: Tiedostoa tai hakemistoa ei ole
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.4 LTS
Release:    16.04
Codename:   xenial

user@R61:~$ lspci | grep -i eth
00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network Connection (rev 03)

user@R61:~$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:1f:e2:1a:f6:67 brd ff:ff:ff:ff:ff:ff
3: wls3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether 00:21:5c:75:df:b9 brd ff:ff:ff:ff:ff:ff

user@R61:~$ etherate -v
Oops! Missing 802.1p VLAN ID
Usage info: etherate -h|--h

user@R61:~$ sudo etherate -l
Device lo with address 00:00:00:00:00:00, has interface index 1
Device enp0s25 with address 00:1f:e2:1a:f6:67, has interface index 2
Device wls3 with address 00:21:5c:75:df:b9, has interface index 3

user@R61:~$ etherate -V
Etherate version 1.16 2018-01
SUMMARY

frame_headers->sub_tlv_size = frame_headers->tlv_size + sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint64_t); before we've set frame_headers->tlv_size.

Reported by @yskripachov

STEPS TO REPRODUCE
> diff --git a/defaults.c b/defaults.c
index 0eea55e..83e94d7 100644
--- a/defaults.c
+++ b/defaults.c
@@ -92,11 +92,11 @@ void set_default_values(struct app_params *app_params,
     frame_headers->src_mac[3]        = 0x00;
     frame_headers->src_mac[4]        = 0x00;
     frame_headers->src_mac[5]        = 0x01;
+    frame_headers->tlv_size          = sizeof(uint8_t) + sizeof(uint16_t) +
+                                       sizeof(uint32_t);
     frame_headers->sub_tlv_size      = frame_headers->tlv_size +
                                        sizeof(uint8_t) + sizeof(uint16_t) +
                                        sizeof(uint64_t);
-    frame_headers->tlv_size          = sizeof(uint8_t) + sizeof(uint16_t) +
-                                       sizeof(uint32_t);
     frame_headers->tx_buffer         = (uint8_t*)calloc(1, F_SIZE_MAX);
     frame_headers->vlan_dei          = 0;
     frame_headers->vlan_id           = VLAN_ID_DEF;
@@ -328,4 +328,4 @@ int16_t setup_socket_interface(struct frame_headers *frame_headers,
jwbensley commented 6 years ago

This is fixed in version 1.17 (2018-04).