| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Feb 2021 18:08:53 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Arjun Roy <arjunroy.kdev@...il.com>
Cc: davem@...emloft.net, netdev@...r.kernel.org, arjunroy@...gle.com,
edumazet@...gle.com, soheil@...gle.com,
David Ahern <dsahern@...il.com>,
Leon Romanovsky <leon@...nel.org>
Subject: Re: [net-next] tcp: Sanitize CMSG flags and reserved args in
tcp_zerocopy_receive.
On Thu, 11 Feb 2021 13:21:07 -0800 Arjun Roy wrote:
> + if (unlikely(len > sizeof(zc))) {
> + err = check_zeroed_user(optval + sizeof(zc),
> + len - sizeof(zc));
> + if (err < 1)
> + return err == 0 ? -EINVAL : err;
nit: return err ? : -EINVAL;
> len = sizeof(zc);
> if (put_user(len, optlen))
> return -EFAULT;
> }
> if (copy_from_user(&zc, optval, len))
> return -EFAULT;
> + if (zc.reserved)
> + return -EINVAL;
> + if (zc.msg_flags & ~(TCP_VALID_ZC_MSG_FLAGS))
nit: parens unnecessary
But neither is a big deal:
Acked-by: Jakub Kicinski <kuba@...nel.org>
Powered by blists - more mailing lists