| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Nov 2007 00:51:33 +1100
From: Herbert Xu <herbert@...dor.apana.org.au>
To: akpm@...ux-foundation.org
Cc: mm-commits@...r.kernel.org, davem@...emloft.net,
netdev@...r.kernel.org
Subject: Re: + xfrm_policy-warning-fix.patch added to -mm tree
On Wed, Nov 28, 2007 at 02:56:51AM -0800, akpm@...ux-foundation.org wrote:
>
> The patch titled
> xfrm_policy warning fix
> has been added to the -mm tree. Its filename is
> xfrm_policy-warning-fix.patch
>
> *** Remember to use Documentation/SubmitChecklist when testing your code ***
>
> See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
> out what to do about this
>
> ------------------------------------------------------
> Subject: xfrm_policy warning fix
> From: Andrew Morton <akpm@...ux-foundation.org>
>
> Fix this:
>
> net/xfrm/xfrm_policy.c: In function '__xfrm_lookup':
> net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function
>
> by checking for impossible values in the switch().
Thanks Andrew. I've added the following patch to net-2.6.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
commit 5e5234ff17ef98932688116025b30958bd28a940
Author: Herbert Xu <herbert@...dor.apana.org.au>
Date: Fri Nov 30 00:50:31 2007 +1100
[IPSEC]: Fix uninitialised dst warning in __xfrm_lookup
Andrew Morton reported that __xfrm_lookup generates this warning:
net/xfrm/xfrm_policy.c: In function '__xfrm_lookup':
net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function
This is because if policy->action is of an unexpected value then dst will
not be initialised. Of course, in practice this should never happen since
the input layer xfrm_user/af_key will filter out all illegal values. But
the compiler doesn't know that of course.
So this patch fixes this by taking the conservative approach and treat all
unknown actions the same as a blocking action.
Thanks to Andrew for finding this and providing an initial fix.
Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b702bd8..9a4cf2e 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1344,6 +1344,7 @@ restart:
xfrm_nr += pols[0]->xfrm_nr;
switch (policy->action) {
+ default:
case XFRM_POLICY_BLOCK:
/* Prohibit the flow */
err = -EPERM;
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists