Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix recursive tcpedit cleanup #855

Merged
merged 1 commit into from
Jun 3, 2024
Merged

Fix recursive tcpedit cleanup #855

merged 1 commit into from
Jun 3, 2024

Conversation

GabrielGanne
Copy link
Contributor

Assume a single tcpedit struct and return the previously allocated context if called twice.

This fixes an issue with the Juniper Encapsulated Ethernet DLT plugin which has an exception in the way the plugins works with regard to the extra buffer in question: tcpreplay works with the assumption that there only ever is a single link layer plugin which is mostly true except here: Juniper has a special call to tcpedit_dlt_copy_decoder_state() which causes the ctx and subctx to share a reference to the decoded_extra buffer, and a double free.

Fixes: #813 #850

@GabrielGanne
Fix recursive tcpedit cleanup
d00951b 
Assume a single tcpedit struct and return the previously allocated
context.

This fixes an issue with the Juniper Encapsulated Ethernet DLT plugin
which has an exception in the way the plugins works with regard to the
extra buffer in question: tcpreplay works with the assumption that there
only ever is a single link layer plugin which is mostly true except
here: Juniper has a special call to tcpedit_dlt_copy_decoder_state()
which causes the ctx and subctx to share a reference to the
decoded_extra buffer, and a double free.

Fixes: appneta#813 appneta#850
@GabrielGanne
Copy link
Contributor Author

Hi,
cpp-linter is failing with the following error:

src/tcpedit/plugins/dlt_plugins.c:21:10 [clang-diagnostic-error]: src/tcpedit/plugins/dlt_plugins.c#L21
'config.h' file not found

Is it possible this is some configuration issue ? The normal build works fine.
BR

@fklassen fklassen changed the base branch from master to 4.5.0 June 3, 2024 03:16
@fklassen fklassen self-assigned this Jun 3, 2024
@fklassen fklassen added the bug label Jun 3, 2024
@fklassen
Copy link
Member

fklassen commented Jun 3, 2024

Hi, cpp-linter is failing with the following error:

src/tcpedit/plugins/dlt_plugins.c:21:10 [clang-diagnostic-error]: src/tcpedit/plugins/dlt_plugins.c#L21
'config.h' file not found

Is it possible this is some configuration issue ? The normal build works fine. BR

In 4.5.0 I made it so that the linter never fails, but it will still put inline suggestions in the PR. If the code quality goes up, I can restore the CI failure.

@fklassen
Copy link
Member

fklassen commented Jun 3, 2024

Thanks for the PR. Will merge to 4.5.0 now and then test before release.

@fklassen fklassen merged commit 0d52251 into appneta:4.5.0 Jun 3, 2024
2 of 3 checks passed
@fklassen fklassen mentioned this pull request Jun 3, 2024
Closed
@fklassen
Copy link
Member

fklassen commented Jun 4, 2024

I had to re-open #813 and back out this change because this PR, when applied after fixes #711 and #851, introduced a memory leak.

fklassen added a commit that referenced this pull request Jun 4, 2024
@fklassen
Bug #813: back out PR #855
84dee5e 
Double free was fixed in PRs #711 and #851. This fix applied after these PRs introduces memory leaks.
fklassen added a commit that referenced this pull request Jun 4, 2024
@fklassen
Merge pull request #866 from appneta/Bug_813_DLT_Juniper_double_free
0a21597 
Bug #813: back out PR #855
@GabrielGanne
Copy link
Contributor Author

I had to re-open #813 and back out this change because this PR, when applied after fixes #711 and #851, introduced a memory leak.

It seems I messed up. The assumption that there's a single tcpedit struct is probably wrong in some situations.
Sorry about that.
Did you find a correct fix in the end ? Do you want me to have another look sometime ?

@fklassen
Copy link
Member

Not a problem. I much prefer getting help and becoming a tester than hunting down problems on my own. Your contributions are always welcome.

@GabrielGanne GabrielGanne deleted the recursive-tcpedit-cleanup branch October 14, 2024 11:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@fklassen fklassen

Labels
bug
Projects
4.5
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug] Double free in tcpedit_dlt_cleanup in tcprewrite
2 participants
@GabrielGanne @fklassen