lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 14 Feb 2023 14:46:26 -0800
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Pedro Tammela <pctammela@...atatu.com>
Cc:     netdev@...r.kernel.org, jhs@...atatu.com, xiyou.wangcong@...il.com,
        jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com,
        kuba@...nel.org, pabeni@...hat.com
Subject: Re: [PATCH net] net/sched: tcindex: search key must be 16 bits

On Mon, 13 Feb 2023 22:47:29 -0300
Pedro Tammela <pctammela@...atatu.com> wrote:

> diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c
> index ba7f22a49..6640e75ea 100644
> --- a/net/sched/cls_tcindex.c
> +++ b/net/sched/cls_tcindex.c
> @@ -503,7 +503,7 @@ tcindex_set_parms(struct net *net, struct tcf_proto *tp, unsigned long base,
>  		/* lookup the filter, guaranteed to exist */
>  		for (cf = rcu_dereference_bh_rtnl(*fp); cf;
>  		     fp = &cf->next, cf = rcu_dereference_bh_rtnl(*fp))
> -			if (cf->key == handle)
> +			if (cf->key == (u16)handle)
>  				break;

Rather than truncating silently. I think the code should first test that handle is
not outside of range and return EINVAL instead.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ