Date:	Wed, 10 Oct 2007 16:31:08 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	brian.haley@...com
Cc:	shemminger@...ux-foundation.org, den@...nvz.org,
	aarapov@...hat.com, netdev@...r.kernel.org
Subject: Re: [RFC] more robust inet range checking

From: Brian Haley <brian.haley@...com>
Date: Wed, 10 Oct 2007 15:24:20 -0400

> Stephen Hemminger wrote:
> > --- a/net/ipv4/udp.c	2007-10-10 08:27:00.000000000 -0700
> > +++ b/net/ipv4/udp.c	2007-10-10 09:44:35.000000000 -0700
> > @@ -147,13 +147,13 @@ int __udp_lib_get_port(struct sock *sk, 
> >  	write_lock_bh(&udp_hash_lock);
> >  
> >  	if (!snum) {
> > -		int i;
> > -		int low = sysctl_local_port_range[0];
> > -		int high = sysctl_local_port_range[1];
> > +		int i, range[2];
> >  		unsigned rover, best, best_size_so_far;
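
Review bot: The declaration `int i, range[2];` makes the port bounds signed while `unsigned rover, best, best_size_so_far;` on the next line stays unsigned, so any expression that mixes them converts implicitly. Suggest one signedness for all of these, and a short comment saying which element of `range[]` is the low bound and which is the high bound, since the self-describing `low` and `high` names are removed here.
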
> 
> Should these be signed ints?  They're the only ones that are unsigned, 
> but I don't know why.

They have just been hacked inconsistently over the years,
that's the only reason these types are like that.

> > --- a/net/sctp/protocol.c	2007-10-10 08:27:00.000000000 -0700
> > +++ b/net/sctp/protocol.c	2007-10-10 09:58:21.000000000 -0700
> > @@ -1173,7 +1173,6 @@ SCTP_STATIC __init int sctp_init(void)
> >  	}
> >  
> >  	spin_lock_init(&sctp_port_alloc_lock);
> > -	sctp_port_rover = sysctl_local_port_range[0] - 1;
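
Review bot: After the removal of `sctp_port_rover = sysctl_local_port_range[0] - 1;`, the context line `spin_lock_init(&sctp_port_alloc_lock);` still initializes the lock in `sctp_init()`. If nothing else in the patch assigns or reads the rover, remove the variable's declaration, the lock and this init call in the same change, and say in the commit message where the starting port now comes from.
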
> 
> I think you can remove the port_rover definition in sctp/structs.h and 
> also the lock that protects it.  Patch below for that which can be 
> applied on-top of yours.
> 
> -Brian
> 
> 
> Remove SCTP port_rover and port_alloc_lock as they're no longer required.
> 
> Signed-off-by: Brian Haley <brian.haley@...com>

I like this range checking change, someone please resubmit with
Brian's nits and this SCTP cleanup integrated on top.

I'll probably submit this to stable since it fixes the potential
divide by zero, so test whatever you post :-)

Thanks!