| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jul 2012 17:32:49 -0700 (PDT) From: David Miller <davem@...emloft.net> To: alexander.h.duyck@...el.com Cc: netdev@...r.kernel.org, jeffrey.t.kirsher@...el.com, alexander.duyck@...il.com Subject: Re: [PATCH 1/2] tcp: Fix out of bounds access to tcpm_vals From: Alexander Duyck <alexander.h.duyck@...el.com> Date: Wed, 11 Jul 2012 17:18:04 -0700 > The recent patch "tcp: Maintain dynamic metrics in local cache." introduced > an out of bounds access due to what appears to be a typo. I believe this > change should resolve the issue by replacing the access to RTAX_CWND with > TCP_METRIC_CWND. > > Signed-off-by: Alexander Duyck <alexander.h.duyck@...el.com> Applied, thanks a lot. How did you spot this, did you get a compiler warning? I ask because while working on this, I at one point put the tcp timestamp members after the metrics array in the tcp_metrics_bucket struct. And I got a warning from gcc about an array bounds violation that I could not figure out. I am pretty certain this bug here is what it was warning about. And the problem is that if you put the array at the end gcc doesn't warn in order to handle things similar to what people use zero length arrays for. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists