| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Nov 2015 14:40:15 +0100
From: Florian Weimer <fweimer@...hat.com>
To: GNU C Library <libc-alpha@...rceware.org>
Cc: Hannes Sowa <hannes@...hat.com>, netdev@...r.kernel.org
Subject: [PATCH v2] glibc: Terminate process on invalid netlink response from
kernel [BZ #12926]
On 10/24/2015 06:22 AM, Mike Frysinger wrote:
> On 23 Oct 2015 22:07, Florian Weimer wrote:
>> --- /dev/null
>> +++ b/sysdeps/unix/sysv/linux/netlink_assert_response.c
>> @@ -0,0 +1,100 @@
>> +/* Copyright (C) 2015 Free Software Foundation, Inc.
>> + This file is part of the GNU C Library.
>
> guess we like to have the first line be a short desc of the file
Added.
>> +static int
>> +get_address_family (int fd)
>> +{
>> ...
>> + return sa.ss_family;
> ss_family is of type sa_family_t, not int ... not a big deal, but the
> two do differ in sign ...
Thanks. I added static asserts to make sure that the actual type does
not cause problems with the use of -1 and an int return value.
I do not want to use SO_DOMAIN here because I expect this to eventually
move into generic code because we probably should do similar checking on
other internally-used sockets (where reporting impossible errors to the
caller would be grossly misleading).
I'm still waiting for comments from the kernel people. :)
Florian
View attachment "0001-Terminate-process-on-invalid-netlink-response-from-k.patch" of type "text/x-patch" (10693 bytes)
Powered by blists - more mailing lists