lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 12 Apr 2019 03:58:34 +0800
From:   kbuild test robot <lkp@...el.com>
To:     Tom Herbert <tom@...bertland.com>
Cc:     kbuild-all@...org, davem@...emloft.net, netdev@...r.kernel.org,
        Tom Herbert <tom@...ntonium.net>
Subject: Re: [PATCH v2 net-next 6/6] ip6tlvs: Validation of TX Destination
 and Hop-by-Hop options

Hi Tom,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on net-next/master]

url:    https://github.com/0day-ci/linux/commits/Tom-Herbert/exthdrs-Create-exthdrs_options-c/20190412-024542
config: i386-randconfig-x017-201914 (attached as .config)
compiler: gcc-7 (Debian 7.3.0-1) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=i386 

All errors (new ones prefixed by >>):

   net/ipv6/exthdrs_core.c: In function '__ipv6_opt_validate_tlvs':
>> net/ipv6/exthdrs_core.c:513:18: error: 'struct net' has no member named 'ipv6'; did you mean 'ipv4'?
      max_len = net->ipv6.sysctl.max_hbh_opts_len;
                     ^~~~
                     ipv4
   net/ipv6/exthdrs_core.c:514:18: error: 'struct net' has no member named 'ipv6'; did you mean 'ipv4'?
      max_cnt = net->ipv6.sysctl.max_hbh_opts_cnt;
                     ^~~~
                     ipv4
   net/ipv6/exthdrs_core.c:518:18: error: 'struct net' has no member named 'ipv6'; did you mean 'ipv4'?
      max_len = net->ipv6.sysctl.max_dst_opts_len;
                     ^~~~
                     ipv4
   net/ipv6/exthdrs_core.c:519:18: error: 'struct net' has no member named 'ipv6'; did you mean 'ipv4'?
      max_cnt = net->ipv6.sysctl.max_dst_opts_cnt;
                     ^~~~
                     ipv4

vim +513 net/ipv6/exthdrs_core.c

   488	
   489	static int __ipv6_opt_validate_tlvs(struct net *net,
   490					    struct tlv_param_table *tlv_param_table,
   491					    struct ipv6_opt_hdr *opt,
   492					    unsigned int optname, bool deleting,
   493					    bool admin)
   494	{
   495		unsigned int max_len = 0, max_cnt = 0, cnt = 0;
   496		unsigned char *tlv = (unsigned char *)opt;
   497		bool deep_check, did_deep_check = false;
   498		unsigned int opt_len, tlv_len, offset;
   499		unsigned int padding = 0, numpad = 0;
   500		unsigned char prev_tlv_order = 0;
   501		struct tlv_tx_params *tptx;
   502		int retc, ret = -EINVAL;
   503		struct tlv_proc *tproc;
   504		unsigned int class;
   505	
   506		opt_len = ipv6_optlen(opt);
   507		offset = sizeof(*opt);
   508	
   509		class = optname_to_tlv_class(optname);
   510	
   511		switch (optname) {
   512		case IPV6_HOPOPTS:
 > 513			max_len = net->ipv6.sysctl.max_hbh_opts_len;
   514			max_cnt = net->ipv6.sysctl.max_hbh_opts_cnt;
   515			break;
   516		case IPV6_RTHDRDSTOPTS:
   517		case IPV6_DSTOPTS:
   518			max_len = net->ipv6.sysctl.max_dst_opts_len;
   519			max_cnt = net->ipv6.sysctl.max_dst_opts_cnt;
   520			break;
   521		}
   522	
   523		rcu_read_lock();
   524	
   525		while (offset < opt_len) {
   526			switch (tlv[offset]) {
   527			case IPV6_TLV_PAD1:
   528				tlv_len = 1;
   529				padding++;
   530				numpad++;
   531				break;
   532			case IPV6_TLV_PADN:
   533				if (offset + 1 >= opt_len)
   534					goto out;
   535	
   536				tlv_len = tlv[offset + 1] + 2;
   537	
   538				if (offset + tlv_len > opt_len)
   539					goto out;
   540	
   541				padding += tlv_len;
   542				numpad++;
   543				break;
   544			default:
   545				if (offset + 1 >= opt_len)
   546					goto out;
   547	
   548				tlv_len = tlv[offset + 1] + 2;
   549	
   550				if (offset + tlv_len > opt_len)
   551					goto out;
   552	
   553				tproc = tlv_get_proc(tlv_param_table, tlv[offset]);
   554				tptx = &tproc->params.t;
   555	
   556				retc = __ipv6_opt_validate_single_tlv(net, &tlv[offset],
   557								      tptx, class,
   558								      &deep_check,
   559								      deleting, admin);
   560				if (retc < 0) {
   561					ret = retc;
   562					goto out;
   563				}
   564	
   565				if (deep_check) {
   566					/* Check for too many options */
   567					if (++cnt > max_cnt) {
   568						ret = -E2BIG;
   569						goto out;
   570					}
   571	
   572					/* Check order */
   573					if (tptx->preferred_order < prev_tlv_order)
   574						goto out;
   575	
   576					/* Check alignment */
   577					if ((offset % (tptx->align_mult + 1)) !=
   578					    tptx->align_off)
   579						goto out;
   580	
   581					/* Check for right amount of padding */
   582					if (numpad > 1 || padding > tptx->align_mult)
   583						goto out;
   584	
   585					prev_tlv_order = tptx->preferred_order;
   586				}
   587	
   588				padding = 0;
   589				numpad = 0;
   590				did_deep_check = true;
   591			}
   592			offset += tlv_len;
   593		}
   594	
   595		/* If we did at least one deep check apply length limit */
   596		if (did_deep_check && opt_len > max_len) {
   597			ret = -EMSGSIZE;
   598			goto out;
   599		}
   600	
   601		/* All good */
   602		ret = 0;
   603	out:
   604		rcu_read_unlock();
   605	
   606		return ret;
   607	}
   608	

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

Download attachment ".config.gz" of type "application/gzip" (31140 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ