| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Nov 2007 06:24:39 -0700
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
Cc: Andrew Morton <akpm@...ux-foundation.org>, ebiederm@...ssion.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sysctl: Check length at deprecated_sysctl_warning.
Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> writes:
> Hello.
>
> Andrew Morton wrote:
>> I believe (args->nlen > CTL_MAXNAME) was correct.
> I'll leave it to you.
> But if you want to allow args->nlen == CTL_MAXNAME,
> you also need to update do_sysctl().
Which has been that way since before I decided to touch it. 2.6.12-rc1.
I haven't tracked it before then as I don't expect to see anything.
And that is why -ENOTDIR. That is the historical error code from sysctl in
this case.
> int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user
> *oldlenp,
> void __user *newval, size_t newlen)
> {
> ...
> if (nlen <= 0 || nlen >= CTL_MAXNAME)
> return -ENOTDIR;
> ...
> }
CTL_MAXNAME is fairly arbitrary, and since the set of binary paths is fixed.
So it feels to me like the code really should read:
if (nlen <= 0 || nlen > CTL_MAXNAME)
return -ENOTDIR;
In both places. Just because that is what the comment describes.
I think in reality CTL_MAXNAME is actually 5 but I would have to look a little
more closely to confirm that.
Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists