rpms/libnfnetlink
7
0
Fork 0
Code Issues Pull Requests Releases Activity

libnfnetlink-1.0.1-22.el9

Browse Source 
- libnfnetlink: Check getsockname() return code
- include: Silence gcc warning in linux_list.h

Resolves: RHEL-5798
This commit is contained in:
Phil Sutter 2024-05-08 21:31:55 +02:00
parent 9ba3ebe2fe
commit 228f5a77a4
3 changed files with 82 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
0001-include-Silence-gcc-warning-in-linux_list.h.patch Normal file
View File

@ -0,0 +1,33 @@
From d910da3d3ada3df4059a622a3dd4dbfe71313bcb Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 25 Mar 2022 18:33:55 +0100
Subject: [PATCH] include: Silence gcc warning in linux_list.h
Compiler complained about empty prefetch() macro:
| ../include/linux_list.h:385:66: warning: right-hand operand of comma expression has no effect [-Wunused-value]
| 385 | for (pos = list_entry((head)->next, typeof(*pos), member), \
| | ^
Use nftables' variant instead which gcc seems to like more.
Fixes: 36d2ed3de20a3 ("major cleanup of index2name infrastructure: use linux list (and fix leak in the nlif_close path)")
Signed-off-by: Phil Sutter <phil@nwl.cc>
(cherry picked from commit 90ba6791824ef761f9f397c05b20a2f102dbe74a)
---
include/linux_list.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/linux_list.h b/include/linux_list.h
index de182a4764706..cf71837f18347 100644
--- a/include/linux_list.h
+++ b/include/linux_list.h
@@ -29,7 +29,7 @@
1; \
})
-#define prefetch(x) 1
+#define prefetch(x) ((void)0)
/* empty define to make this work in userspace -HW */
#ifndef smp_wmb

40
0002-libnfnetlink-Check-getsockname-return-code.patch Normal file
View File

@ -0,0 +1,40 @@
From cebc5fb8352a25acd973dddfc18c48ca2858ac77 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 25 Mar 2022 18:33:55 +0100
Subject: [PATCH] libnfnetlink: Check getsockname() return code
The function may return -1 (and set errno). Assume it will leave
addr_len value unchanged, so checking is necessary to not hide the
error.
Fixes: 4248314d40187 ("nfnl: fix compilation warning with gcc-4.7")
Signed-off-by: Phil Sutter <phil@nwl.cc>
(cherry picked from commit 3cffa84fa74f40c57e9ef39ea5747d792d697367)
---
src/libnfnetlink.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/libnfnetlink.c b/src/libnfnetlink.c
index 4b2bcd015b0a6..14a311f2c448b 100644
--- a/src/libnfnetlink.c
+++ b/src/libnfnetlink.c
@@ -188,7 +188,8 @@ struct nfnl_handle *nfnl_open(void)
nfnlh->peer.nl_family = AF_NETLINK;
addr_len = sizeof(nfnlh->local);
- getsockname(nfnlh->fd, (struct sockaddr *)&nfnlh->local, &addr_len);
+ if (getsockname(nfnlh->fd, (struct sockaddr *)&nfnlh->local, &addr_len))
+ goto err_close;
if (addr_len != sizeof(nfnlh->local)) {
errno = EINVAL;
goto err_close;
@@ -209,7 +210,8 @@ struct nfnl_handle *nfnl_open(void)
/* use getsockname to get the netlink pid that the kernel assigned us */
addr_len = sizeof(nfnlh->local);
- getsockname(nfnlh->fd, (struct sockaddr *)&nfnlh->local, &addr_len);
+ if (getsockname(nfnlh->fd, (struct sockaddr *)&nfnlh->local, &addr_len))
+ goto err_close;
if (addr_len != sizeof(nfnlh->local)) {
errno = EINVAL;
goto err_close;

11
libnfnetlink.spec
View File

@ -1,6 +1,6 @@
Name: libnfnetlink Name: libnfnetlink
Version: 1.0.1 Version: 1.0.1
Release: 21%{?dist} Release: 22%{?dist}
Summary: Netfilter netlink userspace library Summary: Netfilter netlink userspace library
License: GPLv2+ License: GPLv2+
URL: http://netfilter.org URL: http://netfilter.org
@ -9,6 +9,9 @@ BuildRequires: kernel-headers
BuildRequires: automake autoconf libtool pkgconfig BuildRequires: automake autoconf libtool pkgconfig
BuildRequires: make BuildRequires: make
Patch1: 0001-include-Silence-gcc-warning-in-linux_list.h.patch
Patch2: 0002-libnfnetlink-Check-getsockname-return-code.patch
%description %description
libnfnetlink is a userspace library that provides some low-level libnfnetlink is a userspace library that provides some low-level
nfnetlink handling functions. It is used as a foundation for other, netfilter nfnetlink handling functions. It is used as a foundation for other, netfilter
@ -27,7 +30,7 @@ subsystem specific libraries such as libnfnetlink_conntrack, libnfnetlink_log
and libnfnetlink_queue. and libnfnetlink_queue.
%prep %prep
%setup -q %autosetup -p1
%build %build
%configure --disable-static %configure --disable-static
@ -54,6 +57,10 @@ find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'
%{_includedir}/libnfnetlink/*.h %{_includedir}/libnfnetlink/*.h
%changelog %changelog
* Wed May 08 2024 Phil Sutter <psutter@redhat.com> - 1.0.1-22
- libnfnetlink: Check getsockname() return code
- include: Silence gcc warning in linux_list.h
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.1-21 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.1-21
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688 Related: rhbz#1991688