lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 12 Jan 2017 17:36:21 -0800
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     David Ahern <dsa@...ulusnetworks.com>
Cc:     netdev@...r.kernel.org, frank.kellermann@...s.net
Subject: Re: [PATCH iproute2] rttable: Fix invalid range checking when table
 id is converted to u32

On Tue, 10 Jan 2017 15:33:55 -0800
David Ahern <dsa@...ulusnetworks.com> wrote:

> Frank reported that table ids for very large numbers are not properly
> detected:
> $ ip li add foobar type vrf table 98765432100123456789
> 
> command succeeds and resulting table id is actually:
> 
> 21: foobar: <NOARP,MASTER> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
>     link/ether da:ea:d4:77:38:2a brd ff:ff:ff:ff:ff:ff promiscuity 0
>     vrf table 4294967295 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
> 
> Make the temp variable 'i' unsigned long and let the typecast to u32
> happen on assignment to id.
> 
> Reported-by: Frank Kellermann <frank.kellermann@...s.net>
> Signed-off-by: David Ahern <dsa@...ulusnetworks.com>

Applied thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ