lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Dec 2014 00:33:48 -0500 From: Sasha Levin <sasha.levin@...cle.com> To: davem@...emloft.net Cc: ast@...mgrid.com, dborkman@...hat.com, hannes@...essinduktion.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Sasha Levin <sasha.levin@...cle.com> Subject: [PATCH] net: sock: correctly handle failed prog retrieval from fd Commit "net: sock: allow eBPF programs to be attached to sockets" didn't correctly handle the case where there is a failure getting the prog from a given fd. This allows for easy NULL ptr deref from userspace. Signed-off-by: Sasha Levin <sasha.levin@...cle.com> --- net/core/filter.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/core/filter.c b/net/core/filter.c index 8cc3c03..ec9baea 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -1103,8 +1103,8 @@ int sk_attach_bpf(u32 ufd, struct sock *sk) return -EPERM; prog = bpf_prog_get(ufd); - if (!prog) - return -EINVAL; + if (IS_ERR(prog)) + return PTR_ERR(prog); if (prog->aux->prog_type != BPF_PROG_TYPE_SOCKET_FILTER) { /* valid fd, but invalid program type */ -- 2.1.0 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists