| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Aug 2008 18:19:48 -0700 (PDT) From: Linus Torvalds <torvalds@...ux-foundation.org> To: Eugene Teo <eteo@...hat.com> cc: Vlad Yasevich <vladislav.yasevich@...com>, netdev@...r.kernel.org, linux-sctp@...r.kernel.org, security@...nel.org, davem@...emloft.net Subject: Re: [Security] [PATCH] sctp: add verification checks to SCTP_AUTH_KEY option On Tue, 26 Aug 2008, Eugene Teo wrote: > > > @@ -80,6 +80,10 @@ static struct sctp_auth_bytes *sctp_auth_create_key(__u32 key_len, gfp_t gfp) > > This should be __u16 key_len. Hmm? If it fits in a u16, then there is no worry about overflow. > > struct sctp_auth_bytes *key; > > > > + /* Verify that we are not going to overflow INT_MAX */ > > + if ((INT_MAX - key_len) < sizeof(struct sctp_auth_bytes)) > > + return NULL; > > Shouldn't this be UINT_MAX? But then if you are going to change > sctp_auth_create_key() to accept __u16 key_len, then it should be > USHORT_MAX. If it's ushort, then it shouldn't need any test at all from an overflow standpoint. The addition simply can't overflow, since it's always done in "size_t" due to the sizeof. But if it can overflow, I actually think it makes more sense to test for something smaller than the "exact" overflow. A key can't reasonably be all that long _anyway_, so it's probably better to test for something _much_ smaller. Linus -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists