lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Nov 2007 09:32:02 -0800 From: Andrew Morton <akpm@...ux-foundation.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: davem@...emloft.net, netdev@...r.kernel.org Subject: Re: + xfrm_policy-warning-fix.patch added to -mm tree On Fri, 30 Nov 2007 00:51:33 +1100 Herbert Xu <herbert@...dor.apana.org.au> wrote: > On Wed, Nov 28, 2007 at 02:56:51AM -0800, akpm@...ux-foundation.org wrote: > > > > The patch titled > > xfrm_policy warning fix > > has been added to the -mm tree. Its filename is > > xfrm_policy-warning-fix.patch > > > > *** Remember to use Documentation/SubmitChecklist when testing your code *** > > > > See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find > > out what to do about this > > > > ------------------------------------------------------ > > Subject: xfrm_policy warning fix > > From: Andrew Morton <akpm@...ux-foundation.org> > > > > Fix this: > > > > net/xfrm/xfrm_policy.c: In function '__xfrm_lookup': > > net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function > > > > by checking for impossible values in the switch(). > > Thanks Andrew. I've added the following patch to net-2.6. > -- > Visit Openswan at http://www.openswan.org/ > Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt > -- > commit 5e5234ff17ef98932688116025b30958bd28a940 > Author: Herbert Xu <herbert@...dor.apana.org.au> > Date: Fri Nov 30 00:50:31 2007 +1100 > > [IPSEC]: Fix uninitialised dst warning in __xfrm_lookup > > Andrew Morton reported that __xfrm_lookup generates this warning: > > net/xfrm/xfrm_policy.c: In function '__xfrm_lookup': > net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function > > This is because if policy->action is of an unexpected value then dst will > not be initialised. Of course, in practice this should never happen since > the input layer xfrm_user/af_key will filter out all illegal values. But > the compiler doesn't know that of course. > > So this patch fixes this by taking the conservative approach and treat all > unknown actions the same as a blocking action. > > Thanks to Andrew for finding this and providing an initial fix. > > Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au> > > diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c > index b702bd8..9a4cf2e 100644 > --- a/net/xfrm/xfrm_policy.c > +++ b/net/xfrm/xfrm_policy.c > @@ -1344,6 +1344,7 @@ restart: > xfrm_nr += pols[0]->xfrm_nr; > > switch (policy->action) { > + default: > case XFRM_POLICY_BLOCK: > /* Prohibit the flow */ > err = -EPERM; hm. If someone feeds a bad value into here we want to know about it rather than silently fixing it up, don't we? - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists