lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 23 Oct 2006 13:17:54 +0200
From:	Patrick McHardy <kaber@...sh.net>
To:	Amit Choudhary <amit2030@...il.com>
CC:	Linux Kernel <linux-kernel@...r.kernel.org>, akpm@...l.org,
	netdev@...r.kernel.org
Subject: Re: [PATCH 2.6.19-rc2] [REVISED] net/ipv4/multipath_wrandom.c: check
 kmalloc() return value.

Amit Choudhary wrote:
> Description: Check the return value of kmalloc() in function wrandom_set_nhinfo(), in file net/ipv4/multipath_wrandom.c.
> 
> Signed-off-by: Amit Choudhary <amit2030@...il.com>
> 
> diff --git a/net/ipv4/multipath_wrandom.c b/net/ipv4/multipath_wrandom.c
> index 92b0482..bcdb1f1 100644
> --- a/net/ipv4/multipath_wrandom.c
> +++ b/net/ipv4/multipath_wrandom.c
> @@ -242,6 +242,9 @@ static void wrandom_set_nhinfo(__be32 ne
>  		target_route = (struct multipath_route *)
>  			kmalloc(size_rt, GFP_ATOMIC);
>  
> +		if (!target_route)
> +			goto error;
> +
>  		target_route->gw = nh->nh_gw;
>  		target_route->oif = nh->nh_oif;
>  		memset(&target_route->rcu, 0, sizeof(struct rcu_head));
> @@ -263,6 +266,9 @@ static void wrandom_set_nhinfo(__be32 ne
>  		target_dest = (struct multipath_dest*)
>  			kmalloc(size_dst, GFP_ATOMIC);
>  
> +		if (!target_dest)
> +			goto error;
> +
>
>  		target_dest->nh_info = nh;
>  		target_dest->network = network;
>  		target_dest->netmask = netmask;
> @@ -275,6 +281,7 @@ static void wrandom_set_nhinfo(__be32 ne
>  	 * we are finished
>  	 */
>  
> + error:
>  	spin_unlock_bh(&state[state_idx].lock);
>  }


Thats slightly better than before, but since no errors are propagated
back to the routing code I think it would still crash later on.
A better idea would be to mark this crap BROKEN until it is really
fixed, so people won't accidentally enable it (which is enough
to cause problems).

Signed-off-by: Patrick McHardy <kaber@...sh.net>


View attachment "x" of type "text/plain" (592 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ