Age | Commit message (Collapse) | Author | Files | Lines |
|
Add ipv6 host forward support
See merge request slirp/libslirp!62
|
|
Two exported functions are added which are the ipv6 versions of their
ipv4 counterparts: slirp_add_ipv6_hostfwd, slirp_remove_ipv6_hostfwd.
Signed-off-by: Doug Evans <dje@google.com>
|
|
This is actually similar to the fix in 9f78e94912f9 ("Fix a typo that
can cause slow socket response on Windows."), except that here there is
no semantic change since s = so->s above.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
[PATCH] Fix a typo that can cause slow socket response on Windows.
See merge request slirp/libslirp!64
|
|
We observed slow responses on a host forwarded port on Windows. Investigation revealed that qemu_fd_register was being called with fd=-1 and this caused g_poll in qemu_poll_ns timing out. I tracked this behavior to following commit:
748f8f4 slirp: replace qemu_set_nonblock()
@@ -482,7 +483,8 @@ void tcp_connect(struct socket *inso)
tcp_close(sototcpcb(so)); /* This will sofree() as well */
return;
}
- qemu_set_nonblock(s);
+ slirp_set_nonblock(s);
+ so->slirp->cb->register_poll_fd(so->s);
It seems that calling register_poll_fd with so->s instead of s may be a typo. Changing it back to s solves this issue. The commit 748f8f4 made similar change in tcp_fconnect but I have not touched it.
Signed-off-by: Hafiz Abid Qadeer <abidh@codesourcery.com>
|
|
Fix unused variables
See merge request slirp/libslirp!63
|
|
../../subprojects/libslirp/src/slirp.c:131:17: error: unused variable
'old_stat' [-Werror,-Wunused-variable]
struct stat old_stat;
^
../../subprojects/libslirp/src/slirp.c:143:10: error: unused variable
'buff' [-Werror,-Wunused-variable]
char buff[512];
^
2 errors generated.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
fork_exec_child_setup: improve signal handling
See merge request slirp/libslirp!61
|
|
Blocked signal state is inherited across exec(), so let's zero that out rather
than inherit whatever it was when we spawned the child.
POSIX has some strange rules about SIG_IGN'd SIGCHLD across exec, so let's not
do that, just for consistency.
|
|
Remove some needless (void)casts
See merge request slirp/libslirp!60
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Release v4.4.0
See merge request slirp/libslirp!59
|
|
|
|
socket: consume empty packets
See merge request slirp/libslirp!55
|
|
it fixes a tightloop when a packet with len==0 is received.
Closes: https://github.com/rootless-containers/slirp4netns/issues/227
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Enable forwarding ICMP errors
See merge request slirp/libslirp!49
|
|
udp, udp6, icmp: handle TTL value
See merge request slirp/libslirp!48
|
|
slirp: check pkt_len before reading protocol header
See merge request slirp/libslirp!57
|
|
While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
routines, ensure that pkt_len is large enough to accommodate the
respective protocol headers, lest it should do an OOB access.
Add check to avoid it.
CVE-2020-29129 CVE-2020-29130
QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets
-> https://www.openwall.com/lists/oss-security/2020/11/27/1
Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20201126135706.273950-1-ppandit@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Remove the QEMU-special make build-system
See merge request slirp/libslirp!56
|
|
Since QEMU 5.2, QEMU uses meson and handle the build itelf before it
starts using libslirp as a subproject.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
meson: support compiling as subproject
See merge request slirp/libslirp!53
|
|
Add DNS resolving for iOS
See merge request slirp/libslirp!54
|
|
iOS does not support reading /etc/resolv.conf so we have to use libresolv
Also modified build script to support building on Darwin systems.
|
|
Skip installation of devel files if compiling as
a subproject, including the library if a static version is
available; the parent project can force usage of the (installed)
shared library using default_library=shared.
An option can also be used to customize the SLIRP_VERSION_STRING
and ascertain if the parent project is using the embedded version
of slirp.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
Unfortunately meson subprojects do not support add_dist_script, so we
cannot generate the .tarball-version file at "meson dist" time.
Include the version in the meson project declaration, and use
build-aux/git-version-gen only to determine SLIRP_VERSION_STRING.
Instead of the dist script, we check that the version in the
project declaration matches the latest tag. If they do not match
it will be impossible to run "ninja dist" successfully.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
.gitlab-ci: add a Coverity stage
See merge request slirp/libslirp!51
|
|
Add G_GNUC_PRINTF to local function slirp_vsnprintf
See merge request slirp/libslirp!52
|
|
Signed-off-by: Stefan Weil <sw@weilnetz.de>
|
|
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
sizeof() returns a size_t so the tcpiphdr / ip+tcphdr difference will be
a size_t and always be >= 0, while this intended to detect the
difference getting < 0.
This is actually a no-op with the current code because it currently has
tcpiphdr bigger than ip+tcphdr.
Spotted by Coverity: CID 212435.
Spotted by Coverity: CID 212440.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Not all icmp errors are reported as errno errors. Linux however lets us
get them through a message error queue.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
They work like icmp_send_error and icmp6_send_error but allow to specify
the source IP address
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
For traceroute and such, we need to handle the TTL value like a router.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
ip_stripoptions use memmove
See merge request slirp/libslirp!47
|
|
ip_stripoptions is moving data long in the same buffer; that's undefined
with memcpy, use memmove.
Buglink: https://bugs.launchpad.net/qemu/+bug/1878043
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Release v4.3.1
See merge request slirp/libslirp!46
|
|
|
|
util: do not silently truncate
See merge request slirp/libslirp!45
|
|
snprintf() always nul-terminate.
The return value is the number of business bytes that would be produced
if the buffer was large enough.
If it returns N for a N size buffer, it means truncation occurred (and
we lost one business byte).
Related to: #22
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|
|
Drop bogus IPv6 messages
See merge request slirp/libslirp!44
|
|
The size for Header has to be accounted for as well.
|
|
Drop IPv6 message shorter than what's mentioned in the payload
length header (+ the size of the IPv6 header). They're invalid an could
lead to data leakage in icmp6_send_echoreply().
|
|
The code is unreachable, so no need to break.
This silence static analyzer warnings.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Fix the following GCC warnings:
src/ncsi.c: In function ‘ncsi_input’:
src/ncsi.c:139:31: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual]
139 | struct ncsi_pkt_hdr *nh = (struct ncsi_pkt_hdr *)(pkt + ETH_HLEN);
| ^
src/dnssearch.c: In function ‘translate_dnssearch’:
src/dnssearch.c:242:33: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual]
242 | num_domains = g_strv_length((GStrv)names);
| ^
src/slirp.c: In function ‘arp_input’:
src/slirp.c:747:31: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual]
747 | struct slirp_arphdr *ah = (struct slirp_arphdr *)(pkt + ETH_HLEN);
| ^
src/dnssearch.c: In function ‘translate_dnssearch’:
src/dnssearch.c:242:33: error: cast discards ‘const’ qualifier from pointer target type [-Werror=cast-qual]
242 | num_domains = g_strv_length((const GStrv)names);
| ^
src/slirp.c: In function ‘arp_input’:
src/slirp.c:764:48: error: passing argument 3 of ‘arp_table_add’ discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
764 | arp_table_add(slirp, ah->ar_sip, ah->ar_sha);
| ~~^~~~~~~~
In file included from src/slirp.c:25:
src/slirp.h:101:60: note: expected ‘uint8_t *’ {aka ‘unsigned char *’} but argument is of type ‘const unsigned char *’
101 | void arp_table_add(Slirp *slirp, uint32_t ip_addr, uint8_t ethaddr[ETH_ALEN]);
| ~~~~~~~~^~~~~~~~~~~~~~~~~
src/slirp.c:783:48: error: passing argument 3 of ‘arp_table_add’ discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
783 | arp_table_add(slirp, ah->ar_sip, ah->ar_sha);
| ~~^~~~~~~~
In file included from src/slirp.c:25:
src/slirp.h:101:60: note: expected ‘uint8_t *’ {aka ‘unsigned char *’} but argument is of type ‘const unsigned char *’
101 | void arp_table_add(Slirp *slirp, uint32_t ip_addr, uint8_t ethaddr[ETH_ALEN]);
| ~~~~~~~~^~~~~~~~~~~~~~~~~
src/slirp.c:804:44: error: passing argument 3 of ‘arp_table_add’ discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
804 | arp_table_add(slirp, ah->ar_sip, ah->ar_sha);
| ~~^~~~~~~~
In file included from src/slirp.c:25:
src/slirp.h:101:60: note: expected ‘uint8_t *’ {aka ‘unsigned char *’} but argument is of type ‘const unsigned char *’
101 | void arp_table_add(Slirp *slirp, uint32_t ip_addr, uint8_t ethaddr[ETH_ALEN]);
| ~~~~~~~~^~~~~~~~~~~~~~~~~
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
A packed struct needs different gcc attributes for compilations
with MinGW compilers because glib-2.0 adds compiler flag
-mms-bitfields which modifies the packing algorithm.
Attribute gcc_struct reverses the negative effects of -mms-bitfields.
We already have the SLIRP_PACKED definition for that, use it.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
Error: CHECKED_RETURN (CWE-252): [#def26]
libslirp-4.3.0/src/tftp.c:121: check_return: Calling "lseek(spt->fd, block_nr * spt->block_size, 0)" without checking return value. This library function may fail and return an error code.
119|
120| if (len) {
121|-> lseek(spt->fd, block_nr * spt->block_size, SEEK_SET);
122|
123| bytes_read = read(spt->fd, buf, len);
Signed-off-by: Jindrich Novy <jnovy@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
|