Skip to content

Cp prep #388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rjarry merged 3 commits into from
Nov 7, 2025
+36 −11
Merged

Cp prep #388

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
799f552
frr: enable various daemons
christophefontaine Nov 7, 2025
f6a3607
netlink: add set_ifalias helper
christophefontaine Nov 7, 2025
1fd91b9
infra: call external subscribers after the internal
christophefontaine Oct 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 1 addition & 8 deletions main/api.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ static LIST_HEAD(, api_ctx) clients = LIST_HEAD_INITIALIZER(clients);
// PID of the current request while API handler is called.
static __thread pid_t cur_req_pid;

static void api_send_notifications(uint32_t ev_type, const void *obj) {
void api_send_notifications(uint32_t ev_type, const void *obj) {
struct subscription *ev_subs = NULL;
struct module_subscribers *subs;
struct subscription *s;
Expand Down Expand Up @@ -498,14 +498,7 @@ void api_socket_stop(struct event_base *) {
disconnect_client(ctx);
}

static struct gr_event_subscription ev_subscribtion = {
.callback = api_send_notifications,
.ev_count = 1,
.ev_types = {EVENT_TYPE_ALL},
};

RTE_INIT(init) {
gr_event_subscribe(&ev_subscribtion);
gr_register_api_handler(&subscribe_handler);
gr_register_api_handler(&unsubscribe_handler);
gr_register_api_handler(&hello_handler);
Expand Down
1 change: 1 addition & 0 deletions main/api.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,4 @@

int api_socket_start(struct event_base *);
void api_socket_stop(struct event_base *);
void api_send_notifications(uint32_t ev_type, const void *obj);
3 changes: 3 additions & 0 deletions main/event.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
// SPDX-License-Identifier: BSD-3-Clause
// Copyright (c) 2025 Robin Jarry

#include "api.h"

#include <gr_api.h>
#include <gr_event.h>
#include <gr_log.h>
Expand All @@ -26,6 +28,7 @@ void gr_event_push(uint32_t ev_type, const void *obj) {
}
}
}
api_send_notifications(ev_type, obj);
}

STAILQ_HEAD(serializers, gr_event_serializer);
Expand Down
1 change: 1 addition & 0 deletions modules/infra/control/gr_netlink.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,4 @@ int netlink_del_addr4(const char *ifname, ip4_addr_t ip);
int netlink_add_addr6(const char *ifname, const struct rte_ipv6_addr *ip);
int netlink_del_addr6(const char *ifname, const struct rte_ipv6_addr *ip);
int netlink_set_addr_gen_mode_none(const char *ifname);
int netlink_set_ifalias(const char *ifname, const char *ifalias);
Copy link

@coderabbitai coderabbitai bot Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Buffer overflow risk in implementation (netlink.c)

The declaration follows existing patterns. However, the implementation in netlink.c:297-319 lacks validation that ifalias doesn't exceed IFALIASZ-1 bytes. Since mnl_attr_put_strz (line 319) will copy the full string into a fixed-size buffer, an oversized input can overflow the message buffer.

Apply this fix in netlink.c after line 302:

 int netlink_set_ifalias(const char *ifname, const char *ifalias) {
 	char buf[NLMSG_SPACE(sizeof(struct ifinfomsg) + NLA_SPACE(IFALIASZ))];
 	struct ifinfomsg *ifm;
 	struct nlmsghdr *nlh;
 	int ifindex;
 
+	if (strlen(ifalias) >= IFALIASZ)
+		return errno_set(EINVAL);
+
 	ifindex = if_nametoindex(ifname);

Committable suggestion skipped: line range outside the PR's diff.

27 changes: 27 additions & 0 deletions modules/infra/control/netlink.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@
#include <string.h>
#include <unistd.h>

// IFALIASZ is defined in linux/if.h
#define IFALIASZ 256

static char socket_buf[BUFSIZ];
static struct mnl_socket *nl_sock;
static int nl_seq;
Expand Down Expand Up @@ -292,6 +295,30 @@ int netlink_set_addr_gen_mode_none(const char *ifname) {
return netlink_send_req(nlh);
}

int netlink_set_ifalias(const char *ifname, const char *ifalias) {
char buf[NLMSG_SPACE(sizeof(struct ifinfomsg) + NLA_SPACE(IFALIASZ))];
struct ifinfomsg *ifm;
struct nlmsghdr *nlh;
int ifindex;

ifindex = if_nametoindex(ifname);
if (!ifindex)
return errno_set(ENODEV);

memset(buf, 0, sizeof(buf));
nlh = mnl_nlmsg_put_header(buf);
nlh->nlmsg_type = RTM_NEWLINK;
nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;

ifm = mnl_nlmsg_put_extra_header(nlh, sizeof(*ifm));
ifm->ifi_family = AF_UNSPEC;
ifm->ifi_index = ifindex;

mnl_attr_put_strz(nlh, IFLA_IFALIAS, ifalias);

return netlink_send_req(nlh);
}
Comment on lines +298 to +320
Copy link

@coderabbitai coderabbitai bot Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Validate ifalias length before constructing the message.

The function doesn't check if the ifalias string length fits within IFALIASZ (256 bytes) before calling mnl_attr_put_strz. If the string is too long, this could cause buffer overflow or silent truncation.

Add validation before constructing the message:

 int netlink_set_ifalias(const char *ifname, const char *ifalias) {
 	char buf[NLMSG_SPACE(sizeof(struct ifinfomsg) + NLA_SPACE(IFALIASZ))];
 	struct ifinfomsg *ifm;
 	struct nlmsghdr *nlh;
 	int ifindex;
 
+	if (strlen(ifalias) >= IFALIASZ)
+		return errno_set(EINVAL);
+
 	ifindex = if_nametoindex(ifname);
 	if (!ifindex)
 		return errno_set(ENODEV);
🤖 Prompt for AI Agents 
In modules/infra/control/netlink.c around lines 298 to 320, validate the ifalias
length before building the netlink message: check for NULL ifalias and use
strnlen(ifalias, IFALIASZ) (or equivalent) and if the length is >= IFALIASZ
return an error (e.g. return errno_set(EINVAL)) so you don't call
mnl_attr_put_strz with a too-long string; perform this check before memset(buf,
...) and constructing the nlmsg.


static void netlink_init(struct event_base *) {
nl_sock = mnl_socket_open(NETLINK_ROUTE);
if (!nl_sock)
Expand Down
6 changes: 3 additions & 3 deletions subprojects/packagefiles/frr/meson-add-dependency-definition.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,11 +104,11 @@ index 0000000..d26e979
+ '--prefix="' + prefix + '" ' +
+ '--with-moduledir="' + moduledir + '" ' +
+ '--disable-doc --enable-multipath=128 ' +
+ '--disable-ripd --disable-ripngd --disable-ospfd --disable-ospf6d ' +
+ '--disable-ripd --disable-ripngd ' +
+ '--disable-ldpd --disable-nhrpd --disable-eigrpd --disable-babeld ' +
+ '--disable-isisd --disable-pimd --disable-pim6d --disable-pbrd --disable-fabricd ' +
+ '--disable-pimd --disable-pim6d --disable-pbrd --disable-fabricd ' +
+ '--disable-vrrpd --disable-pathd --disable-ospfapi --disable-ospfclient ' +
+ '--disable-bfdd --disable-python-runtime ' + extra_configure_option + ' ' +
+ '--disable-python-runtime ' + extra_configure_option + ' ' +
+ '&& touch "' + configure_stamp + '"'
+ ],
+ depends: bootstrap,
Expand Down