| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 01 Jan 2017 11:54:06 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: lorenzo@...gle.com
Cc: ebiggers3@...il.com, netdev@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
ebiggers@...gle.com
Subject: Re: [PATCH] net: socket: don't set sk_uid to garbage value in
->setattr()
From: Lorenzo Colitti <lorenzo@...gle.com>
Date: Sun, 1 Jan 2017 16:57:23 +0900
> On Sat, Dec 31, 2016 at 8:42 AM, Eric Biggers <ebiggers3@...il.com> wrote:
>> ->setattr() was recently implemented for socket files to sync the socket
>> inode's uid to the new 'sk_uid' member of struct sock. It does this by
>> copying over the ia_uid member of struct iattr. However, ia_uid is
>> actually only valid when ATTR_UID is set in ia_valid, indicating that
>> the uid is being changed, e.g. by chown.
>> [...]
>> - if (!err) {
>> + if (!err && (iattr->ia_valid & ATTR_UID)) {
>
> Oops. Thanks for fixing this. Unit tested in
> https://android-review.googlesource.com/316594 .
>
> Tested-by: Lorenzo Colitti <lorenzo@...gle.com>
> Acked-by: Lorenzo Colitti <lorenzo@...gle.com>
Applied, thanks everyone.
Powered by blists - more mailing lists