lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <m1bq9y2s88.fsf@ebiederm.dsl.xmission.com>
Date:	Tue, 13 Nov 2007 06:24:39 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
Cc:	Andrew Morton <akpm@...ux-foundation.org>, ebiederm@...ssion.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sysctl: Check length at deprecated_sysctl_warning.

Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> writes:

> Hello.
>
> Andrew Morton wrote:
>> I believe (args->nlen > CTL_MAXNAME) was correct.
> I'll leave it to you.
> But if you want to allow args->nlen == CTL_MAXNAME,
> you also need to update do_sysctl().

Which has been that way since before I decided to touch it. 2.6.12-rc1.
I haven't tracked it before then as I don't expect to see anything.

And that is why -ENOTDIR.  That is the historical error code from sysctl in
this case.

> int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user
> *oldlenp,
>                void __user *newval, size_t newlen)
> {
>         ...
>         if (nlen <= 0 || nlen >= CTL_MAXNAME)
>                 return -ENOTDIR;
>         ...
> }

CTL_MAXNAME is fairly arbitrary, and since the set of binary paths is fixed.
So it feels to me like the code really should read:

        if (nlen <= 0 || nlen > CTL_MAXNAME)
                return -ENOTDIR;

In both places. Just because that is what the comment describes.

I think in reality CTL_MAXNAME is actually 5 but I would have to look a little
more closely to confirm that.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ