[LTP] [PATCH v2 5/5] Add test for CVE 2023-31248
河原颯太
souta.kawahara@miraclelinux.com
Thu Nov 16 00:39:57 CET 2023
Hi Martin,
2023年11月16日(木) 2:34 Martin Doucha <mdoucha@suse.cz>:
>
> Hi,
>
> On 15. 11. 23 8:43, 河原颯太 wrote:
> > Hi Martin, Petr.
> >
> >
> > 2023年11月15日(水) 0:39 Petr Vorel <pvorel@suse.cz>:
> >>
> >> Hi Martin,
> >>
> >> ...
> >>> +++ b/testcases/network/iptables/nft02.c
> >> ...
> >>> +/* Chain creation and deletion config */
> >>> +static const struct tst_netlink_attr_list newchain_config[] = {
> >>> + {NFTA_TABLE_NAME, TABNAME, strlen(TABNAME) + 1, NULL},
> >>> + {NFTA_CHAIN_NAME, CHAINNAME, strlen(CHAINNAME) + 1, NULL},
> >>> + {NFTA_CHAIN_ID, &chain_id, sizeof(chain_id), NULL},
> >>
> >> Unfortunately the current oldest distros (Leap 42 and Ubuntu Bionic) are too old
> >> for NFTA_CHAIN_ID, NFTA_RULE_CHAIN_ID, could you please add them to LAPI?
> >
> > It was the same on RHEL8 (and/or other clone OS).
> >
> > And, I would like to see this test added to runtest/cve and .gitignore.
>
> Yes, sorry, I realized that shortly after submission and will fix it in
> the next version.
>
> > In my patch v1 about CVE-2023-31248 check error == ENOENT. In this
> > case, test reports correct result.
> > It may be difficult to implement test like patch v1 using the internal
> > tst_netlink API, but we should be aware of this issue.
>
> I've rewritten the test to use ENOENT check with the tst_netlink API.
> May I credit you with Co-Developed-by or Suggested-by (choose one)?
Good! Thank You so much.
Co-Developed-by is better for me :)
Best regards,
Souta Kawahara <souta.kawahara@miraclelinux.com>
>
> --
> Martin Doucha mdoucha@suse.cz
> SW Quality Engineer
> SUSE LINUX, s.r.o.
> CORSO IIa
> Krizikova 148/34
> 186 00 Prague 8
> Czech Republic
>
More information about the ltp
mailing list