Activity for net-tools
-
Bernd Eckenfels committed [fc3a13] on Code
po: Update Georgian translation
-
GitHub committed [c91448] on Code
Update THANKS: 3 recent contributors
-
Bernd Eckenfels committed [f47f99] on Code
INSTALLING: more details
-
Bernd Eckenfels committed [d58d5c] on Code
workflows: add prerequisites
-
Bernd Eckenfels committed [df95c4] on Code
compile with HAVE BT and selinux
-
Bernd Eckenfels committed [ee8c89] on Code
tr,selinux: fix and enable dependencies
-
Bernd Eckenfels committed [9a35a8] on Code
po: fix duplicate
-
Bernd Exkenfels committed [52f5e2] on Code
remove outdated per file versions
-
Bernd Exkenfels committed [a7958f] on Code
remove legacy CVS source id/versions
-
Bernd Exkenfels committed [28210b] on Code
remove trailing whitespace in source
-
Bernd Eckenfels committed [3c898c] on Code
interface.c: use ASCII only
-
Bernd Eckenfels committed [024814] on Code
pot: refresh line numbers
-
Revert 55c95c0
-
Bernd Eckenfels committed [873fce] on Code
TODO: removed ancient todos.
-
Bernd Eckenfels committed [7738ae] on Code
Deleted outdated RPM stanza.
-
Bernd Eckenfels committed [184542] on Code
cleanup fetching of interface flags
-
Bernd Eckenfels committed [24a22e] on Code
netstat.c: silenced Wformat-truncation
-
Bernd Eckenfels committed [5a8ca3] on Code
ifconfig.8: remove dead link
-
Bernd Eckenfels committed [434e18] on Code
ifconfig.8: fix bold
-
Bernd Eckenfels committed [f0df16] on Code
update man pages
-
Bernd Eckenfels committed [fecc57] on Code
ifconfig: fix short header alignemnt
-
Bernd Eckenfels committed [a473e4] on Code
Fix overrun and compressed formatting
-
Merge translation updates from Debian.
-
Change interface name length overflow to warning.
-
Bernd Eckenfels committed [2dbdb4] on Code
mii-tool.8: make clear to prefer ethtool (#15)
-
Bernd Eckenfels committed [f2cfc4] on Code
netstat.8: do not list tcpip (#8)
-
Bernd Eckenfels committed [c8eba5] on Code
netstat.8: clarify Send-Q (#24)
-
Bernd Eckenfels committed [55c95c] on Code
interface.c: Avoid INET socket warning (patch from SuSE)
-
GitHub committed [e779d9] on Code
netstat: add (undocumented) SuSE alias -T for -W
-
GitHub committed [ba936b] on Code
Update README: added license, removed todo, make legacy
-
Bernard Pidoux modified a comment on ticket #48
Hi Bernd, I downloaded 3.14-alpha ifconfig and it is working fine with AX25, NetRom and Rose devices with AX25 compliant callsigns. Too long calls would be rejected by librairies, So no fear about it. In the mean time I also ran netstat with --ax25 and --rose options. Everything goes well. Thanks. Bernard, f6bvp / ai7bg
-
Hi Bernd, I downloaded 3.14-alpha ifconfig and it is working fine with all ax25, NetRom and Rose devices with AX25 compliant callsigns. Too long calls would be rejected by librairies, So no fear about it. In themean time I also ran netstat with --ax25 and --rose options. Everything goes well. Thanks. Bernard, f6bvp / ai7bg
-
WHR posted a comment on merge request #14
I can try to implement it after this merge request merged into master.
-
yes also an good option. i cant imagine some scripts using that value, so a illegal character should not break it. so i agree, we just print ?? for the digits we know we did not get info,
-
ip link output for this interface: 5: ibp94s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2044 qdisc mq state UP mode DEFAULT group default qlen 256 link/infiniband a0:00:03:00:fe:80:00:00:00:00:00:00:7c:fe:90:03:00:ab:19:d1 brd 00:ff:ff:ff:ff:12:40:1b:ff:ff:00:00:00:00:00:00:ff:ff:ff:ff Print ? for the unknown part, such as infiniband a0:00:03:00:fe:80:00:00:00:00:00:00:7c:fe:??:??:??:??:??:?? txqueuelen 256 (InfiniBand) may be better?
-
can you compare it to ip link as well please? (yes we can lowecase it as well) - i wonder if we should orint the address truncated instead of 0 filled, then its less confusing
-
Bernd Eckenfels committed [1fae4f] on Code
Unify DEBUG in ib.c
-
Make netstat host name truncations obvious
-
one option would be to use only ".." as its not legal in addresses or hostnames and only wastes 2 char..
-
sorry for commenting so late i am not sure about this, since it will lose 4 characters, people should use the text only for informational purpose and when rhey need details use the -W flag. we could consider printing a warning but then again rhat might be annoying and/or break scripts. so i am inclined to change nothing, however i have here a code simplification (and it also truncates overly long service names) https://github.com/ecki/net-tools/commit/5ed46d54370af613f14e52428e7815a4ae69b8c2
-
The only thing to complain about the current display format is, the Infiniband addresses are being formatted with uppercase hexadecimal numbers, while Ethernet addresses use lowercase; this is a little inconsistent, in my opinion.
-
do you happen to have ib hardware? yes. can you post the output before and after the patch? sure. before: ibp94s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 2044 inet 10.x.x.x netmask 255.255.240.0 broadcast 10.x.x.x inet6 fe80::7efe:9003:ab:19d1 prefixlen 64 scopeid 0x20<link> Infiniband hardware address can be incorrect! Please read BUGS section in ifconfig(8). infiniband A0:00:03:00:FE:80:00:00:00:00:00:00:00:00:00:00:00:00:00:00 txqueuelen 256 (InfiniBand) RX packets 343919407360 bytes 673369747779144...
-
netstat(8) treat ipx port numbers in host byte order (fixing display on little-endian systems)
-
thanks for the patch, merged now
-
Bernd Eckenfels committed [c4a0b2] on Code
netstat: port numbers in /proc/net/ipx/socket are in host byte order
-
netstat(8) treat ipx port numbers in host byte order (fixing display on little-endian systems)
-
thanks for the ptch and sorry I somehow missed it (did not even know SF has merge requests :), do you happen to have ib hardware? can you post the output before and after the patch? what i am wondering, is the kernel still claiming its address type ether? or can we maybe format this with thr more usuak 0000:0000.. quad format based on the address type?
-
Fix sprintf that should be snprintf
-
thanks, no idea how that got lost :)thanks!
-
Adam Sampson created merge request #15 on Code
Fix sprintf that should be snprintf
-
Bernd Eckenfels committed [b72369] on Code
README: mention manpages-i10n and avoid dummy version
-
ifconfig buffer overflow in ax25 and netrom
-
ifconfig buffer overflow (net-tools 3.14-alpha)
-
I fixed the buffer sizes for NETROM_print and AX25_print in the master branch (with some additional hardening using snprintf) Would be good Bernd and Bernard if you can test it. I am not sure how to deal with longer callsigns, but at least they wont crash it.
-
Bernd Eckenfels committed [c084d1] on Code
Prevent overflow in ax25 and netrom
-
GitHub committed [0a30b8] on Code
route: read, store and output metric as uint32_t (#39)
-
GitHub committed [280976] on Code
Avoid memcpy (reverted from Last)
-
GitHub committed [61f489] on Code
Interface name size checking (#21)
-
I ran ifconfig succesfully with following patch that wad tested with Ubuntu running stable kernel 6.15.10 --- netrom.old.c 2025-08-15 15:46:49.100721078 +0200 +++ netrom.c 2025-08-15 16:24:54.710824595 +0200 @@ -54,7 +54,7 @@ static const char NETROM_print(const char ptr) { - static char buff[8]; + static char buff[10]; int i; for (i = 0; i < 6; i++) { --- ax25.old.c 2025-08-15 15:46:49.099443771 +0200 +++ ax25.c 2025-08-15 16:25:10.447445233 +0200 @@ -49,7 +49,7 @@ static const char AX25_print(const...
-
In order to trigger ifconfig issue with NetRom interface Newly installed Ubuntu Linux version 6.14.0-27-generic (buildd@lcy02-amd64-120) (x86_64-linux-gnu-gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0, GNU ld (GNU Binutils for Ubuntu) 2.42) #27~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Tue Jul 22 17:38:49 UTC 2 ~$ ifconfig lo lo: flags=73<up,loopback,running> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Boucle locale) RX packets 290 bytes 27402...
-
I dont think we Need Futter help, the bug is unzerstood and easy to fix, I think it is even found in more places, so it takes a good come through the source to fix all places. If you want you can help with that, specifically looking at the smaller stack buffers in various functions.other than that I just had no time to code it up myself, a GitHub PR can speed this up a bit.Gruß,Bernd-- https://bernd.eckenfels.net Von: bugs@net-tools.p.re.sourceforge.net <bugs@net-tools.p.re.sourceforge.net> im Auftrag...
-
Martin Cooper posted a comment on ticket #48
What can I do to help get this change committed? The issue has been open for a year, and is assigned to a milestone (BETA-1.65-UPSTREAM) which has already been marked Closed. The Owner is 'nobody', though that is apparently not unusual. The changes to fix the issue are trivial. If there's anything I can do to nudge this along, so that we can get ifconfig working again, someone please let me know.
-
There is a similar issue with NetRom callsigns leading to a buffer overflow for the same reason of buffer dimension. Linux version 6.14.0-24-generic (buildd@lcy02-amd64-010) (x86_64-linux-gnu-gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0, GNU ld (GNU Binutils for Ubuntu) 2.42) #24~24.04.3-Ubuntu SMP PREEMPT_DYNAMIC Mon Jul 7 16:39:17 UTC 2 issuing ifconfig command gives : nr0: flags=193<up,running,noarp> mtu 236 *** buffer overflow detected ***: terminated Abandon (core dumped)</up,running,noarp>...
-
Helge Kreutzmann posted a comment on ticket #47
No, there is nothing you need to do regarding the translation of man pages in the future. manpages-l10n synchronized with all distributions at least once a month, and then the translators become active and update the translations according to their schedule. Also we deliver the translations according to the man pages of the distribution. So if a distribution ships a different copy of e.g. hostname.1, then the translation will be according to this copy, not to the one from net-tools. To ease the burden...
-
is there anything needed to trigger a translation lr ill you monitor upstream automatically? i think i will do the next release without major structural changes but after that i remove the i10n dirs for manoages when you deal with distributions, they might have their own copies (for example hostname)
-
As agreed upon by e-mail, I imported the localized (translated) man pages successfully in manpages-l10n. Please remove them at your earliest convenience. If you could make an upload without the translated man pages in the next months, preferably until mid September 2025, this would be great.
-
As AX25 interface callsign cannot be longer than 6 character, the correct patch should be : - static char buff[8]; + static char buff[10]; that is enough space for 6 characters, '-' sign, two digits SSID, and null terminating string '\0'
-
I finally agree with Martin that printing AX25 callsign needs a 10 characters buffer. Presently none of the three stations are experiencing ifconfig craches. Their ax0 interface callsigns have no more than 5 characters plus SSID of one or two characters. F6BVP-8, F6BVP-10 and F6KKR-10. In order to test my own station I set ax0 interface callsign to maximum AX25 size (6 characters + 2 digits SSID) and it did not induce any crash (TM6BVP-10). System is a RaspBerry Pi ~$ cat /proc/version Linux version...
-
thanks for the files Bernard, do all 3 stations crash? i would agree woth Martin, its not q optimizer problem, but those optimisations are know to chqmge the packing qnd therefore can trigger crashes more easily. but fixing the overflow should be enough to avoid it.
-
Not sufficient. 6-character callsign + "-" + 2-digit SSID + terminating "\0" = 10 characters.
-
A 7th byte is allocated for the SSID, which, as you note, can be a 2-digit number, so the SSID can be one or two digits, plus the separating dash. That's potentially 3 characters in addition to the 6-character callsign, plus a trailing "\0", requiring a 10-character buffer, not the 8 characters currently in the code.
-
This is not related to compiler optimizations. The buffer in AX25_print is just too short, plain and simple. On this line: https://sourceforge.net/p/net-tools/code/ci/master/tree/lib/ax25.c#l52 a buffer of 8 characters is allocated. The code then proceeds to unpack an AX.25 address into that buffer. Let's say the address is my callsign, with an SSID. That might be "KD6YAM-11", for example. Along with a trailing "\0", that needs a buffer of 10 bytes. Trying to use a buffer of 8 bytes will cause buffer...
-
Hi Bernd, Once again the buffer overflow is clearly related to -O2 option while compiling ifconfig.c For some reason the compiler is taking some liberties in reducing the size of a buffer. Here are three /proc/net/ax25 files coming from three different active AX.25 neighbour node stations : 73s de Bernard, f6bvp / ai7bg Le 24/06/2025 à 18:14, Bernd Eckenfels a écrit : thanks for debugging, will make sure that buffer cant overflow in the future. can you maybe add your /proc/net/ax25 file for testing...
-
Hi Bernd, Once again the buffer overflow is clearly related to -O2 option while compiling ifconfig.c For some reason the compiler is taking some liberties in reducing the size of a buffer. Here are three /proc/net/ax25 files coming from three different active AX.25 neighbour node stations : 73s de Bernard, f6bvp / ai7bg
-
thanks for debugging, will make sure that buffer cant overflow in the future. can you maybe add your /proc/net/ax25 file for testing (not sure that actually works without ioctl, but at least i can validate the kernel version view)
-
Hi David, Special hamradio callsigns that have more than 6 characters cannot be handled by any AX25 application. AX25 protocol has been adopted in the 80s and the callsigns maximum number of characters was set to 6. A seventh character (shifted ASCII) is reserved for SSID from 0 to 15). All these limitations cannot be changed specially now that AX25 is less supported. 73 de Bernard F6BVP / AI7BG
-
Hi David, Thank you for confirming the bug of buffer overflow in ifconfig for AX25_print(). As I first noticed removing -O2 in makefile solved the bug. In lib/ax25.c T increasing the buffer by one byte from 8 to 9 : 50 static const char AX25_print(const char ptr) 51 { 52 static char buff[9]; succeeded in preventing optimizing compilation tool to induce a buffer overflow and program abort. I hope this will be accepted soon now that you observed the same bug. 73 d Bernard, f6bvp
-
David Ranch modified a comment on ticket #48
Hello everyone, KD6YAM and I recently noticed this issue in Linux Mint 22.1 and Ubuntu 24.04.2 as of 06/23/25. Please note that special event callsigns in different countries can get quite long plus the two digit SSID. See https://ham.stackexchange.com/questions/10339/which-country-s-hams-have-the-longest-call-signs for some ideas but the field could get quite long with say 3 char + 2 number + 4 char + 2 number SSID == 11 char total + 1 null terminator byte or 12 bytes minimum w/o any consideration...
-
Hello everyone, KD6YAM and I recently noticed this issue in Linux Mint 22.1 and Ubuntu 24.04.2 as of 06/23/25. Please note that special event callsigns in different countries can get quite long plus the two digit SSID. See https://ham.stackexchange.com/questions/10339/which-country-s-hams-have-the-longest-call-signs for some ideas but the field could get quite long with say 3 char + 2 number + 4 char + 2 number SSID == 11 char total + 1 null terminator byte
-
it is now fixed by debian in bug#1106147 in dsa-5923-2
-
ifconfig can no logner collect stats for RX/TX packets by Linux kernel 6.6 or later
-
ifconfig can no logner collect stats for RX/TX packets by Linux kernel 6.6 or later
-
yes and no, net-tools is obsoleted by iproute2 and retired. however the function you mention normally works. i suspect that debian and ubuntu backported a (broken) security fix and forgot to add the regression fix commit https://sourceforge.net/p/net-tools/code/ci/ddb0e375fb9ca95bb69335540b85bbdaa2714348/ if you can report it thrm to them that would be fine, otherwise i can try to do so. you can also tell them they missed more of the security fix commits.
-
FyLy created ticket #51
ifconfig can no logner collect stats for RX/TX packets by Linux kernel 6.6 or later
-
Bernd Eckenfels committed [840410] on Code
proc.c: Stack-based Buffer Overflow in net-tools (proc_gen_fmt)
-
Bernd Eckenfels committed [ddb0e3] on Code
Interface statistic regression after 7a8f42fb2
-
Bernd Eckenfels committed [a79263] on Code
ipmaddr.c: Stack-based buffer Overflow in parse_hex()
-
Bernd Eckenfels committed [7a8f42] on Code
CVE-2025-46836: interface.c: Stack-based Buffer Overflow in get_name()
-
GitHub committed [618db3] on Code
ddp_gr.c: check fscanf (CodeQL #2) (#46)
-
GitHub committed [9760bf] on Code
Update makefile.yml: action permissions (CodeQL #1) (#45)
-
GitHub committed [f84cd2] on Code
Update proc.c; remove redundant null check (CodeQL #3) (#44)
-
GitHub committed [bc87b4] on Code
Create codeql.yml (#43)
-
GitHub committed [949800] on Code
Create makefile.yml: add github CI
-
GitHub committed [4e187e] on Code
Update ifconfig.c: unneeded precaution
-
Update ifconfig.c: describe internal error condition
-
Prevent null pointer dereference in ifconfig.c
-
Tatereal modified a comment on ticket #47
I am facing issue in host name I don't know what to do any suggestions for diablo project?
-
I am facing issue in host name I don't know what to do any suggestions for warcraft project?
-
Hank Leininger created ticket #50
Proposal: Increase PROGNAME_WIDTH or make -W change it
-
Ronin Wang modified a comment on ticket #49
the notes on specific fields of Gemeric data record in stdf_V4 spec file.
1 >