Open Source and information security mailing list archives
 
Date:	Mon, 16 Mar 2015 20:53:53 -0700
From:	Scott Feldman <sfeldma@...il.com>
To:	Siva Mannem <siva.mannem.lnx@...il.com>
Cc:	Netdev <netdev@...r.kernel.org>,
	"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH net-next v4 3/3] Validate all netlink attributes and
 return error if any of the validation fails.

On Mon, Mar 16, 2015 at 4:02 PM, Siva Mannem <siva.mannem.lnx@...il.com> wrote:
> This patch validates all netlink attributes and returns an error if any
> validation fails.
>
> Signed-off-by: Siva Mannem <siva.mannem.lnx@...il.com>
> Suggested-by: David Miller <davem@...emloft.net>
> ---
>  net/bridge/br_netlink.c | 39 ++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 38 insertions(+), 1 deletion(-)
>
> diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
> index d80e802..0b18c0d 100644
> --- a/net/bridge/br_netlink.c
> +++ b/net/bridge/br_netlink.c
> @@ -740,12 +740,49 @@ static int br_changelink(struct net_device *brdev, struct nlattr *tb[],
>                          struct nlattr *data[])
>  {
>         struct net_bridge *br = netdev_priv(brdev);
> -       int err;
> +       unsigned long forward_delay;
> +       unsigned long hello_time;
> +       unsigned long max_age;
> +       unsigned long ageing_time;
> +       u32 t;
> +       int err = -ERANGE;
>
>         if (!data)
>                 return 0;
>
>         if (data[IFLA_BR_FORWARD_DELAY]) {
> +               t = nla_get_u32(data[IFLA_BR_FORWARD_DELAY]);
> +               forward_delay = clock_t_to_jiffies(t);
> +               if (forward_delay < BR_MIN_FORWARD_DELAY ||
> +                   forward_delay > BR_MAX_FORWARD_DELAY)
> +                       return err;
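
Review bot: In the IFLA_BR_FORWARD_DELAY check, "return err;" only yields -ERANGE because of the initializer "int err = -ERANGE;" several lines above, so the error code of the range check depends on nothing having assigned err in between. Return the constant at the check ("return -ERANGE;") and keep err for the results of calls that assign it; a later reordering then cannot change what a failed range check reports. The quoted hunk stops at this first check, so the use of hello_time, max_age and ageing_time is not visible here.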

Is there a way to avoid duplicate range checking code by passing an
extra arg to br_set_forward_delay(..., bool validate_only) and
friends?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
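
The validate_only idea raised in the reply above, as an added example that is not part of the original thread or of the kernel source: a user-space C model where one setter holds the only range check and the caller runs it twice, first to validate every supplied attribute and then to commit. The names struct br_model, set_timer, changelink_model, the ATTR_* constants and the limits are constructed for illustration.

```c
/* User-space model: names, units and limits are constructed, not kernel code. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

enum { ATTR_FORWARD_DELAY, ATTR_HELLO_TIME, ATTR_MAX_AGE, ATTR_COUNT };
struct br_model { unsigned long val[ATTR_COUNT]; };

static const struct { unsigned long min, max; } limits[ATTR_COUNT] = {
    [ATTR_FORWARD_DELAY] = { 2, 30 },
    [ATTR_HELLO_TIME]    = { 1, 10 },
    [ATTR_MAX_AGE]       = { 6, 40 },
};

/* The only place a range is checked; validate_only skips the store. */
static int set_timer(struct br_model *br, int attr, unsigned long v, bool validate_only)
{
    if (v < limits[attr].min || v > limits[attr].max)
        return -ERANGE;
    if (!validate_only)
        br->val[attr] = v;
    return 0;
}

/* data[i] == NULL means attribute i was not supplied in the request. */
static int changelink_model(struct br_model *br, const unsigned long **data)
{
    if (!data)
        return 0;
    /* Pass 0 validates all supplied attributes, pass 1 commits them. */
    for (int pass = 0; pass < 2; pass++) {
        for (int attr = 0; attr < ATTR_COUNT; attr++) {
            if (data[attr]) {
                int err = set_timer(br, attr, *data[attr], pass == 0);
                if (err)
                    return err;
            }
        }
    }
    return 0;
}

int main(void)
{
    struct br_model br = { { 15, 2, 20 } };
    unsigned long fd = 10, hello = 99; /* hello is out of range */
    const unsigned long *data[ATTR_COUNT] = { &fd, &hello, NULL };
    int err = changelink_model(&br, data);
    printf("err=%d forward_delay=%lu\n", err, br.val[ATTR_FORWARD_DELAY]);
}
```

Because the commit pass starts only after every supplied value has passed, a request with one bad attribute leaves the earlier, valid attributes unapplied as well.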
