| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 01 Dec 2015 17:13:10 +0100 From: "PaX Team" <pageexec@...email.hu> To: Daniele Fucini <dfucini@...il.com>, Eric Dumazet <eric.dumazet@...il.com> CC: Cong Wang <cwang@...pensource.com>, netdev <netdev@...r.kernel.org>, Jamal Hadi Salim <jhs@...atatu.com>, David Miller <davem@...emloft.net>, spender@...ecurity.net, re.emese@...il.com Subject: Re: size overflow in function qdisc_tree_decrease_qlen net/sched/sch_api.c On 1 Dec 2015 at 6:10, Eric Dumazet wrote: > On Tue, 2015-12-01 at 06:06 -0800, Eric Dumazet wrote: > > On Tue, 2015-12-01 at 12:19 +0100, Daniele Fucini wrote: > > > Thanks for the reply. Here's the output of `tc qdisc show`: > > > https://gist.github.com/1847102c8fe08f63e9e7 > > > Hmm... I do not think we ever took care of MQ in > > qdisc_tree_decrease_qlen() > > This looks like a false positive, because MQ recomputes backlog/qlen at > the time (stats) dumps are requested. > > I would say there is no bug. is it correct for sk_buff_head.qlen to underflow in general or just in this particular sched code? (we can exclude overflow checking for either case but obviously would like to retain as much coverage as possible) thanks, PaX Team -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists