ip: fix crash in "ip neigh show"

parse_rtattr() was using tb[] array without initializing it. Based on patch by Balaji Punnuru <balaji_punnuru@cable.comcast.com> function old new delta parse_rtattr 85 107 +22 print_route 1630 1617 -13 print_linkinfo 807 794 -13 iproute_get 835 822 -13 print_rule 680 665 -15 ll_remember_index 263 248 -15 print_addrinfo 1223 1197 -26 ipaddr_list_or_flush 1253 1223 -30 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/7 up/down: 22/-125) Total: -103 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-02-08 08:42:37 +01:00
parent 237a900bc5
commit 68ae54243c
7 changed files with 28 additions and 20 deletions
--- a/networking/libiproute/ipaddress.c
+++ b/networking/libiproute/ipaddress.c
@@ -113,7 +113,7 @@ static NOINLINE int print_linkinfo(const struct nlmsghdr *n)
 	if (G_filter.up && !(ifi->ifi_flags & IFF_UP))
 		return 0;

-	memset(tb, 0, sizeof(tb));
+	//memset(tb, 0, sizeof(tb)); - parse_rtattr does this
 	parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len);
 	if (tb[IFLA_IFNAME] == NULL) {
 		bb_error_msg("nil ifname");
@@ -227,7 +227,7 @@ static int FAST_FUNC print_addrinfo(const struct sockaddr_nl *who UNUSED_PARAM,
 	if (G_filter.flushb && n->nlmsg_type != RTM_NEWADDR)
 		return 0;

-	memset(rta_tb, 0, sizeof(rta_tb));
+	//memset(rta_tb, 0, sizeof(rta_tb)); - parse_rtattr does this
 	parse_rtattr(rta_tb, IFA_MAX, IFA_RTA(ifa), n->nlmsg_len - NLMSG_LENGTH(sizeof(*ifa)));

 	if (!rta_tb[IFA_LOCAL])
@@ -535,7 +535,7 @@ int FAST_FUNC ipaddr_list_or_flush(char **argv, int flush)
 					continue;
 				if (G_filter.pfx.family || G_filter.label) {
 					struct rtattr *tb[IFA_MAX+1];
-					memset(tb, 0, sizeof(tb));
+					//memset(tb, 0, sizeof(tb)); - parse_rtattr does this
 					parse_rtattr(tb, IFA_MAX, IFA_RTA(ifa), IFA_PAYLOAD(n));
 					if (!tb[IFA_LOCAL])
 						tb[IFA_LOCAL] = tb[IFA_ADDRESS];