lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200902181418.35622.paul.moore@hp.com>
Date:	Wed, 18 Feb 2009 14:18:35 -0500
From:	Paul Moore <paul.moore@...com>
To:	etienne <etienne.basset@...ericable.fr>
Cc:	Casey Schaufler <casey@...aufler-ca.com>,
	"Linux-Kernel" <linux-kernel@...r.kernel.org>,
	linux-security-module@...r.kernel.org
Subject: Re: [PATCH] SMACK netfilter smacklabel socket match

On Wednesday 18 February 2009 01:29:11 pm etienne wrote:
> OK, I'm about to send a new patch; but while testing my patches and reading
> code, I noticed another bug :
>
> In smackfs.c:smk_write_netlbladdr
> the netmask mask.s_addr is not handled correctly, the netmask should be :
> 1- computed in u32
> 2- converted to be32 !!
> with current code, a "pseudo u32 mask" is applied to a be32 ipaddr; it
> occurs to works for "common netmasks" (multiple of 8), not for
> "intermediate" mask (/15, /25)

Heh, back when Casey was first drafting this code I mentioned the same issue 
regarding byte ordering but Casey assured me that everything was correct.  I 
didn't have a Smack test system at the time so I couldn't verify the behavior.  
I'm glad you had a chance to test it, needless to say you should fix that when 
you submit your patch.

-- 
paul moore
linux @ hp

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ