| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Nov 2007 09:32:02 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: + xfrm_policy-warning-fix.patch added to -mm tree
On Fri, 30 Nov 2007 00:51:33 +1100 Herbert Xu <herbert@...dor.apana.org.au> wrote:
> On Wed, Nov 28, 2007 at 02:56:51AM -0800, akpm@...ux-foundation.org wrote:
> >
> > The patch titled
> > xfrm_policy warning fix
> > has been added to the -mm tree. Its filename is
> > xfrm_policy-warning-fix.patch
> >
> > *** Remember to use Documentation/SubmitChecklist when testing your code ***
> >
> > See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
> > out what to do about this
> >
> > ------------------------------------------------------
> > Subject: xfrm_policy warning fix
> > From: Andrew Morton <akpm@...ux-foundation.org>
> >
> > Fix this:
> >
> > net/xfrm/xfrm_policy.c: In function '__xfrm_lookup':
> > net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function
> >
> > by checking for impossible values in the switch().
>
> Thanks Andrew. I've added the following patch to net-2.6.
> --
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> commit 5e5234ff17ef98932688116025b30958bd28a940
> Author: Herbert Xu <herbert@...dor.apana.org.au>
> Date: Fri Nov 30 00:50:31 2007 +1100
>
> [IPSEC]: Fix uninitialised dst warning in __xfrm_lookup
>
> Andrew Morton reported that __xfrm_lookup generates this warning:
>
> net/xfrm/xfrm_policy.c: In function '__xfrm_lookup':
> net/xfrm/xfrm_policy.c:1449: warning: 'dst' may be used uninitialized in this function
>
> This is because if policy->action is of an unexpected value then dst will
> not be initialised. Of course, in practice this should never happen since
> the input layer xfrm_user/af_key will filter out all illegal values. But
> the compiler doesn't know that of course.
>
> So this patch fixes this by taking the conservative approach and treat all
> unknown actions the same as a blocking action.
>
> Thanks to Andrew for finding this and providing an initial fix.
>
> Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
>
> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> index b702bd8..9a4cf2e 100644
> --- a/net/xfrm/xfrm_policy.c
> +++ b/net/xfrm/xfrm_policy.c
> @@ -1344,6 +1344,7 @@ restart:
> xfrm_nr += pols[0]->xfrm_nr;
>
> switch (policy->action) {
> + default:
> case XFRM_POLICY_BLOCK:
> /* Prohibit the flow */
> err = -EPERM;
hm. If someone feeds a bad value into here we want to know about it rather
than silently fixing it up, don't we?
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists