| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Mar 2008 15:03:35 +0100
From: Patrick McHardy <kaber@...sh.net>
To: Pekka J Enberg <penberg@...helsinki.fi>
CC: netfilter-devel@...r.kernel.org, clameter@....com, joe@...ches.com,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
Netfilter Development Mailinglist
<netfilter-devel@...r.kernel.org>
Subject: Re: [PATCH] netfilter: replace horrible hack with ksize()
Pekka J Enberg wrote:
> From: Pekka Enberg <penberg@...helsinki.fi>
>
> There's a horrible slab abuse in net/netfilter/nf_conntrack_extend.c that
> can be replaced with a call to ksize().
This doesn't look right.
> @@ -95,7 +85,7 @@ void *__nf_ct_ext_add(struct nf_conn *ct
> newlen = newoff + t->len;
> rcu_read_unlock();
>
> - if (newlen >= ct->ext->real_len) {
> + if (newlen >= ksize(ct->ext)) {
This needs to look at the currently allocated size, otherwise
it will always realloc when adding new extensions after having
used up ksize(ct->ext) space.
> new = kmalloc(newlen, gfp);
And this should use ksize(newlen) and store the real length
in real_len below.
> if (!new)
> return NULL;
> @@ -114,7 +104,6 @@ void *__nf_ct_ext_add(struct nf_conn *ct
> rcu_read_unlock();
> }
> kfree(ct->ext);
> - new->real_len = newlen;
> ct->ext = new;
> }
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists