lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Sun, 09 Mar 2014 17:48:09 +0000
From:	Ben Hutchings <ben@...adent.org.uk>
To:	Erik Hugne <erik.hugne@...csson.com>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org,
	tipc-discussion@...ts.sourceforge.net, jon.maloy@...csson.com,
	maloy@...jonn.com, ying.xue@...driver.com,
	paul.gortmaker@...driver.com, richard.alpe@...csson.com
Subject: Re: [PATCH net-next v2 1/6] tipc: allow connection shutdown
 callback to be invoked in advance

On Thu, 2014-03-06 at 10:06 +0100, Erik Hugne wrote:
> On Wed, Mar 05, 2014 at 11:56:18PM -0500, David Miller wrote:
> > From: <erik.hugne@...csson.com>
> > Date: Wed, 5 Mar 2014 08:56:13 +0100
> > 
> > > @@ -413,8 +411,11 @@ int tipc_conn_sendmsg(struct tipc_server *s, int conid,
> > >  	struct tipc_conn *con;
> > >  
> > >  	con = tipc_conn_lookup(s, conid);
> > > -	if (!con)
> > > +	if (!con) {
> > > +		pr_err("Connection %d not found on server %s\n", conid,
> > > +		       s->name);
> > >  		return -EINVAL;
> > > +	}
> > >  
> > >  	e = tipc_alloc_entry(data, len);
> > >  	if (!e) {
> > 
> > You really don't want to add kernel log messages which might be easily
> > triggerable by the user.  Please remove this.
> 
> Ok i'll remove it, but i'd anyway like to mention that this cannot be triggered
> by users. This function is only invoked from the TIPC internal services
> (subscriber and config) as a response from network events.

If 'network events' are triggered by packets received from remote hosts
or packets sent on behalf of arbitrary local users, then this is just as
bad.  You need to rate-limit such logging, usually by making it
conditional on net_ratelimit().

Ben.

-- 
Ben Hutchings
I say we take off; nuke the site from orbit.  It's the only way to be sure.

Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)

Powered by blists - more mailing lists