lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 04 Jun 2008 11:37:51 +0900 (JST)
From:	YOSHIFUJI Hideaki / 吉藤英明 
	<yoshfuji@...ux-ipv6.org>
To:	shanwei@...fujitsu.com
Cc:	Brian.Haley@...com, davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [GIT PULL net-2.6] IPv6 fixes.

In article <4845FDA1.1040009@...fujitsu.com> (at Wed, 04 Jun 2008 10:27:45 +0800), Shan Wei <shanwei@...fujitsu.com> says:

> Brian Haley 写道:
> > YOSHIFUJI Hideaki / 吉藤英明 wrote:
> >> Please consider pulling following fixes on top of net-2.6 tree
> >> available at
> >>     git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-fix.git
> >> net-2.6-misc-20080604b
> >>
> > ...
> >> commit c878bc2da63acd3b80ba4cf428702f6e98c55b3c
> >> Author: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
> >> Date:   Mon Jun 2 18:45:23 2008 +0900
> >>
> >>     [IPv6]: Check outgoing interface even if source address is
> >> unspecified.
> >>         The outgoing interface index (ipi6_ifindex) in IPV6_PKTINFO
> >>     ancillary data, is not checked if the source address (ipi6_addr)
> >>     is unspecified.  If the ipi6_ifindex is the not-exist interface,
> >>     it should be fail and the errno should be set ENODEV.
> >>         Based on patch from Shan Wei <shanwei@...fujitsu.com>.
> >>         Signed-off-by: Shan Wei <shanwei@...fujitsu.com>
> >>     Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
> >>
> >> diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
> >> index 94fa6ae..76d4ab4 100644
> >> --- a/net/ipv6/datagram.c
> >> +++ b/net/ipv6/datagram.c
> >> @@ -535,27 +535,29 @@ int datagram_send_ctl(struct msghdr *msg, struct
> >> flowi *fl,
> >>                  fl->oif = src_info->ipi6_ifindex;
> >>              }
> >>  
> >> -            addr_type = ipv6_addr_type(&src_info->ipi6_addr);
> >> +            if (fl->oif) {
> >> +                dev = dev_get_by_index(&init_net, fl->oif);
> >> +                if (!dev)
> >> +                    return -ENODEV;
> >> +            }
> >>  
> >> -            if (addr_type == IPV6_ADDR_ANY)
> >> +            addr_type = ipv6_addr_type(&src_info->ipi6_addr);
> >> +            if (addr_type == IPV6_ADDR_ANY) {
> >> +                if (dev)
> >> +                    dev_put(dev);
> >>                  break;
> >> -
> >> -            if (addr_type & IPV6_ADDR_LINKLOCAL) {
> >> -                if (!src_info->ipi6_ifindex)
> >> -                    return -EINVAL;
> >> -                else {
> >> -                    dev = dev_get_by_index(&init_net,
> >> src_info->ipi6_ifindex);
> >> -                    if (!dev)
> >> -                        return -ENODEV;
> >> -                }
> >>              }
> >> -            if (!ipv6_chk_addr(&init_net, &src_info->ipi6_addr,
> >> +
> >> +            if (((addr_type & IPV6_ADDR_LINKLOCAL) &&
> >> +                 !src_info->ipi6_ifindex) ||
> >> +                !ipv6_chk_addr(&init_net, &src_info->ipi6_addr,
> > 
> > I think this !src_info->ipi6_ifindex here should be !fl->oif - that will
> > have been assigned correctly if it was zero and src_info->ipi6_ifindex
> > was passed-in, and is what we used to do the device lookup.
> 
> the attached patch fix it.

Ah, this reminds me I used wrong patch, sorry...

--yoshfuji
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ