| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Oct 2012 01:10:22 +0400 From: Pavel Emelyanov <xemul@...allels.com> To: Eric Dumazet <eric.dumazet@...il.com> CC: Brian Haley <brian.haley@...com>, Linux Netdev List <netdev@...r.kernel.org>, David Miller <davem@...emloft.net> Subject: Re: [PATCH net-next] sockopt: Make SO_BINDTODEVICE readable On 10/23/2012 12:45 AM, Eric Dumazet wrote: > On Mon, 2012-10-22 at 14:04 -0400, Brian Haley wrote: > >> + char devname[IFNAMSIZ]; >> + >> + ret = 0; >> + if (sk->sk_bound_dev_if == 0) >> + goto out; >> + >> + ret = -EINVAL; >> + if (len < IFNAMSIZ) >> + goto out; >> + if (len > IFNAMSIZ) >> + len = IFNAMSIZ; >> + >> + rcu_read_lock(); >> + dev = dev_get_by_index_rcu(net, sk->sk_bound_dev_if); >> + if (dev) >> + strcpy(dev->name, devname); >> + rcu_read_unlock(); >> + ret = -ENODEV; > > You probably meant > > strcpy(devname, dev->name) > > By the way, this is not really safe in case device is renamed Good point, actually. Getting a device name may be not very safe in terms of -- once we have the name there's no 100% guarantee, that this name corresponds to the actual device the socket is bound to (it could be renamed after we strcpy-ed its name). This problem doesn't exist when we get device index, as it cannot be changed. Thanks, Pavel -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists