[LTP] [PATCH v2 5/5] Add test for CVE 2023-31248
Martin Doucha
mdoucha@suse.cz
Wed Nov 15 18:34:27 CET 2023
Hi,
On 15. 11. 23 8:43, 河原颯太 wrote:
> Hi Martin, Petr.
>
>
> 2023年11月15日(水) 0:39 Petr Vorel <pvorel@suse.cz>:
>>
>> Hi Martin,
>>
>> ...
>>> +++ b/testcases/network/iptables/nft02.c
>> ...
>>> +/* Chain creation and deletion config */
>>> +static const struct tst_netlink_attr_list newchain_config[] = {
>>> + {NFTA_TABLE_NAME, TABNAME, strlen(TABNAME) + 1, NULL},
>>> + {NFTA_CHAIN_NAME, CHAINNAME, strlen(CHAINNAME) + 1, NULL},
>>> + {NFTA_CHAIN_ID, &chain_id, sizeof(chain_id), NULL},
>>
>> Unfortunately the current oldest distros (Leap 42 and Ubuntu Bionic) are too old
>> for NFTA_CHAIN_ID, NFTA_RULE_CHAIN_ID, could you please add them to LAPI?
>
> It was the same on RHEL8 (and/or other clone OS).
>
> And, I would like to see this test added to runtest/cve and .gitignore.
Yes, sorry, I realized that shortly after submission and will fix it in
the next version.
> In my patch v1 about CVE-2023-31248 check error == ENOENT. In this
> case, test reports correct result.
> It may be difficult to implement test like patch v1 using the internal
> tst_netlink API, but we should be aware of this issue.
I've rewritten the test to use ENOENT check with the tst_netlink API.
May I credit you with Co-Developed-by or Suggested-by (choose one)?
--
Martin Doucha mdoucha@suse.cz
SW Quality Engineer
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
More information about the ltp
mailing list