aboutgitcodebugslistschat
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2024-08-29 19:58:46 +1000
committerStefano Brivio <sbrivio@redhat.com>2024-08-29 22:26:05 +0200
commit4a41dc58d67e910c3a1f505a6a20988c4555e735 (patch)
tree39a3a400e0fdc3271eaa2ffbe543fd149de02191
parent1daf6f4615226a2cdd9523a80d70736af4a9f3c0 (diff)
downloadpasst-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar.gz
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar.bz2
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar.lz
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar.xz
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.tar.zst
passt-4a41dc58d67e910c3a1f505a6a20988c4555e735.zip
conf, fwd: Don't attempt to forward port 0
When using -t all, -u all or exclude-only ranges, we'll attempt to forward all non-ephemeral port numbers, including port 0. However, this won't work as intended: bind() treats a zero port not as literal port 0, but as "pick a port for me". Because of the special meaning of port 0, we mostly outright exclude it in our handling. Do the same for setting up forwards, not attempting to forward for port 0. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Laurent Vivier <lvivier@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--conf.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/conf.c b/conf.c
index 6b3dafd..3eb117f 100644
--- a/conf.c
+++ b/conf.c
@@ -157,7 +157,10 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
fwd->mode = FWD_ALL;
- for (i = 0; i < NUM_PORTS; i++) {
+ /* Skip port 0. It has special meaning for many socket APIs, so
+ * trying to bind it is not really safe.
+ */
+ for (i = 1; i < NUM_PORTS; i++) {
if (fwd_port_is_ephemeral(i))
continue;
@@ -262,7 +265,10 @@ static void conf_ports(const struct ctx *c, char optname, const char *optarg,
} while ((p = next_chunk(p, ',')));
if (exclude_only) {
- for (i = 0; i < NUM_PORTS; i++) {
+ /* Skip port 0. It has special meaning for many socket APIs, so
+ * trying to bind it is not really safe.
+ */
+ for (i = 1; i < NUM_PORTS; i++) {
if (fwd_port_is_ephemeral(i) ||
bitmap_isset(exclude, i))
continue;