Date:	Fri, 28 Jan 2011 16:29:06 +0100 (CET)
From:	Julia Lawall <julia@...u.dk>
To:	Paul Moore <paul.moore@...com>
Cc:	kernel-janitors@...r.kernel.org,
	"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] net/netlabel: Avoid call to genlmsg_cancel

On Fri, 28 Jan 2011, Paul Moore wrote:

> On Fri, 2011-01-28 at 15:58 +0100, Julia Lawall wrote:
> > On Fri, 28 Jan 2011, Paul Moore wrote:
> > 
> > > On Fri, 2011-01-28 at 15:17 +0100, Julia Lawall wrote:
> > > > genlmsg_cancel subtracts some constants from its second argument before
> > > > calling nlmsg_cancel.  nlmsg_cancel then calls nlmsg_trim on the same
> > > > arguments.  nlmsg_trim tests for NULL before doing any computation, but a
> > > > NULL second argument to genlmsg_cancel is no longer NULL due to the initial
> > > > subtraction.  Nothing else happens in this execution, so the call to
> > > > genlmsg_cancel is simply unnecessary in this case.
> > > > 
> > > > The semantic match that finds this problem is as follows:
> > > > (http://coccinelle.lip6.fr/)
> > > > 
> > > > // <smpl>
> > > > @@
> > > > expression data;
> > > > @@
> > > > 
> > > > if (data == NULL) { ...
> > > > * genlmsg_cancel(..., data);
> > > >   ...
> > > >   return ...;
> > > > }
> > > > // </smpl>
> > > > 
> > > > Signed-off-by: Julia Lawall <julia@...u.dk>
> > > 
> > > In all of the cases below, these functions are called multiple times to
> > > generate data chunks (additional netlink attributes) which are appended
> > > to an existing skbuff.  I believe that the calls to genlmsg_cancel() are
> > > still needed to help clean up in the case where the functions fail on the
> > > Nth call.
> > > 
> > > If I'm wrong, feel free to enlighten me.
> > 
> > Perhaps something is needed, but I don't see how the current code can 
> > work.  The call is genlmsg_cancel(cb_arg->skb, NULL) in each case.
> 
> Ah yes, you're right.  You will have to forgive me as it has been quite
> a while since I have looked at NetLabel's netlink code.
> 
> You also might consider putting a NULL check in genlmsg_cancel() similar
> to the check in nlmsg_trim(); that seems like a worthwhile addition.

OK, I'll do that.

julia
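
The behaviour discussed in this thread, as an added userspace model (not code from the thread or from the kernel): an offset subtracted from a NULL header pointer yields a non-NULL mark, so the NULL guard in the trim step never fires. The `model_*` names, `run_cancel` and the 64-byte buffer are hypothetical, and the two header lengths are stand-ins for the kernel constants.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the kernel's GENL_HDRLEN and NLMSG_HDRLEN constants. */
#define MODEL_GENL_HDRLEN  4u
#define MODEL_NLMSG_HDRLEN 16u

/* Minimal userspace model of an skb (hypothetical type, not struct sk_buff). */
struct model_skb {
    unsigned char data[64];
    size_t len;
    int guard_passed;  /* set once a mark gets past the trim's NULL guard */
};

/* Models nlmsg_trim(): returns on a NULL mark, otherwise only ever shrinks. */
static void model_nlmsg_trim(struct model_skb *skb, uintptr_t mark)
{
    if (mark == 0)
        return;
    skb->guard_passed = 1;
    size_t new_len = (size_t)(mark - (uintptr_t)skb->data);
    if (new_len < skb->len)
        skb->len = new_len;
}

/* Models genlmsg_cancel() as described: subtract first (as integers), no NULL check. */
static void model_genlmsg_cancel(struct model_skb *skb, void *hdr)
{
    model_nlmsg_trim(skb, (uintptr_t)hdr - MODEL_GENL_HDRLEN - MODEL_NLMSG_HDRLEN);
}

/* Runs one cancel on a 40-byte buffer whose last message starts at offset 8.
 * check_first applies the NULL test suggested in the thread before subtracting. */
static struct model_skb run_cancel(int null_hdr, int check_first)
{
    struct model_skb skb = { .len = 40 };
    void *hdr = null_hdr ? NULL : skb.data + 8 + MODEL_NLMSG_HDRLEN + MODEL_GENL_HDRLEN;
    if (!check_first || hdr != NULL)
        model_genlmsg_cancel(&skb, hdr);
    return skb;
}

int main(void)
{
    printf("NULL hdr: unchecked guard_passed=%d, checked guard_passed=%d\n",
           run_cancel(1, 0).guard_passed, run_cancel(1, 1).guard_passed);
    printf("valid hdr: len=%zu\n", run_cancel(0, 1).len);
    return 0;
}
```

In the model the NULL case leaves the length untouched either way, which matches the observation that nothing else happens in this execution; the difference is only whether the guard is reached with a meaningful value.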