[LTP] [PATCH] cve: new regression test-case for CVE-2018-5803
Petr Vorel
pvorel@suse.cz
Thu Mar 22 18:34:30 CET 2018
Hi Alexey,
> Do you think we should include linux headers for consistency?
Yes, although both SOL_SCTP and SOL_UDPLITE are defined the same for all architectures and
probably never change, I'd include the header.
Actually SOL_UDPLITE is already defined in include/lapi/socket.h.
This file was added as wrapper for values <sys/socket.h> in aac9d1f0e by Xiao Yang,
I included sys/socket.h in that lapi file in 3fd5746a8
Later you added in 0bc572423 constants from linux/socket.h.
I don't know what is a best practise, but I'd include both files in include/lapi/socket.h
(they don't conflict) (or don't include neither of them):
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
#ifdef HAVE_LINUX_SOCKET_H
# include <linux/socket.h>
#endif
> >> +
> >> #ifndef SOL_UDPLITE
> >> # define SOL_UDPLITE 136 /* UDP-Lite (RFC 3828) */
> >> #endif
As I wrote, this is already defined in include/lapi/socket.h.
> >> diff --git a/runtest/cve b/runtest/cve
> >> index 0c385c6..826bb0b 100644
> ...
> >> + fcntl(cfd, F_SETFL, O_NONBLOCK);
> >> + connect(cfd, (struct sockaddr *)&rmt, sizeof(rmt));
> > Minor nit: you can use SAFE_CONNECT().
> No, it should fail in the kernels with the fix, on the second test-case when
> we get over-sized INIT chunk, I think ENOMEM returns in that case.
Oh sorry, understand.
Kind regards,
Petr
More information about the ltp
mailing list