netutils/netlib/netlib_getarptab.c: Do not initialize response buffer, it is write-only. Also add a check to assue that the sequence number in the response is the same as the sequence number in the request.

2019-11-04 09:04:17 -06:00 · 2019-11-04 09:04:17 -06:00 · af6719d78d
commit af6719d78d
parent 75c9ed72d1
1 changed files with 13 additions and 13 deletions
--- a/netutils/netlib/netlib_getarptab.c
+++ b/netutils/netlib/netlib_getarptab.c
@ -168,19 +168,7 @@ ssize_t netlib_get_arptable(FAR struct arp_entry_s *arptab, unsigned int nentrie
      goto errout_with_socket;
    }

-  /* Initialize the response buffer.
-   * REVISIT:  Linux examples that I have seen just pass a raw buffer.  I am
-   * not sure how they associate the requested data to the recv() without a
-   * sequence number.
-   */
-
-  memset(&resp->hdr, 0, sizeof(resp->hdr));
-  resp->hdr.nlmsg_len  = NLMSG_LENGTH(sizeof(struct ndmsg));
-  resp->hdr.nlmsg_seq  = thiseq;
-  resp->hdr.nlmsg_type = RTM_GETNEIGH;
-
-  memset(&resp->msg, 0, sizeof(resp->msg));
-  resp->msg.ndm_family = AF_INET;
+  /* Read the response */

  nrecvd = recv(fd, resp, allocsize, 0);
  if (nrecvd < 0)
@ -201,6 +189,18 @@ ssize_t netlib_get_arptable(FAR struct arp_entry_s *arptab, unsigned int nentrie
      goto errout_with_socket;
    }

+   /* The sequence number in the response should match the sequence
+    * number in the request (since we created the socket, this should
+    * always be tree).
+    */
+
+   if (resp->hdr.nlmsg_seq != thiseq)
+     {
+      fprintf(stderr, "ERROR: Bad sequence number in response\n");
+      ret = -EIO;
+      goto errout_with_socket;
+     }
+
  /* Copy the ARP table data to the caller's buffer */

  paysize = resp->attr.rta_len;