alpine 3.6
obsolete weakness #267

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

openvswitch/src/openvswitch-2.7.0/lib/route-table-bsd.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 obsolete weakness.

         IP_ARGS(ip), (uintmax_t)pid);

    rtsock = socket(PF_ROUTE, SOCK_RAW, 0);
    if (rtsock < 0)
        return false;

retry:
    memset(&rtmsg, 0, sizeof(rtmsg));
    rtm->rtm_msglen = sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in);
    rtm->rtm_version = RTM_VERSION;
    rtm->rtm_type = RTM_GET;
    rtm->rtm_addrs = RTA_DST | RTA_IFP;
    rtm->rtm_seq = ++seq;

    sin = (struct sockaddr_in *)(rtm + 1);
    sin->sin_len = len = sizeof(struct sockaddr_in);
    sin->sin_family = AF_INET;
    sin->sin_addr.s_addr = ip;

    len = write(rtsock, (char *)&rtmsg, rtm->rtm_msglen);
    if (len == -1) {
        if (errno == ENOBUFS && retry_count-- > 0) {
            VLOG_INFO("Recoverable error writing to routing socket: %s",
                      ovs_strerror(errno));
            usleep(500 * 1000);  /* arbitrary */
            goto retry;
        }
        VLOG_ERR("Error writing to routing socket: %s", ovs_strerror(errno));
        close(rtsock);
        return false;
    }
    if (len != rtm->rtm_msglen) {
        VLOG_ERR("Short write to routing socket");
        close(rtsock);
        return false;
    }

    do {
        struct pollfd pfd;
        int ret;

        memset(&pfd, 0, sizeof(pfd));
        pfd.fd = rtsock;
        pfd.events = POLLIN;
        /*
         * The timeout value below is somehow arbitrary.
         * It's to detect the lost of routing messages due to
         * buffer exhaustion etc.  The routing socket is not
         * reliable.
         */ 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.