| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f6e1b7990907270859l65f84d8bm4712f6d82d9a688a@mail.gmail.com>
Date: Mon, 27 Jul 2009 09:59:18 -0600
From: Abhishek Kulkarni <adkulkar@...il.iu.edu>
To: linux-kernel@...r.kernel.org
Cc: v9fs-developer@...ts.sourceforge.net, netdev@...r.kernel.org
Subject: Re: [PATCH] net/9p: Insulate the client against an invalid error code
sent by a 9p server.
Adding netdev to Cc.
---
A looney tunes server sending an invalid error code (which is !IS_ERR_VALUE)
can result in a client oops. So fix it by adding a check and converting unknown
or invalid error codes to -ESERVERFAULT.
Signed-off-by: Abhishek Kulkarni <adkulkar@...il.iu.edu>
---
:100644 100644 787ccdd... c9a5bf9... M net/9p/client.c
:100644 100644 fdebe43... 5251851... M net/9p/error.c
net/9p/client.c | 7 +------
net/9p/error.c | 2 +-
2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/net/9p/client.c b/net/9p/client.c
index 787ccdd..c9a5bf9 100644
--- a/net/9p/client.c
+++ b/net/9p/client.c
@@ -411,14 +411,9 @@ static int p9_check_errors(struct p9_client *c,
struct p9_req_t *req)
if (c->dotu)
err = -ecode;
- if (!err) {
+ if (!err || !IS_ERR_VALUE(err))
err = p9_errstr2errno(ename, strlen(ename));
- /* string match failed */
- if (!err)
- err = -ESERVERFAULT;
- }
-
P9_DPRINTK(P9_DEBUG_9P, "<<< RERROR (%d) %s\n", -ecode, ename);
kfree(ename);
diff --git a/net/9p/error.c b/net/9p/error.c
index fdebe43..5251851 100644
--- a/net/9p/error.c
+++ b/net/9p/error.c
@@ -239,7 +239,7 @@ int p9_errstr2errno(char *errstr, int len)
errstr[len] = 0;
printk(KERN_ERR "%s: server reported unknown error %s\n",
__func__, errstr);
- errno = 1;
+ errno = ESERVERFAULT;
}
return -errno;
--
1.6.0.4
On Mon, Jul 27, 2009 at 9:14 AM, Abhishek Kulkarni<adkulkar@...il.iu.edu> wrote:
> A looney tunes server sending an invalid error code (which is !IS_ERR_VALUE)
> can result in a client oops. So fix it by adding a check and converting unknown
> or invalid error codes to -ESERVERFAULT.
>
> Signed-off-by: Abhishek Kulkarni <adkulkar@...il.iu.edu>
> ---
> :100644 100644 787ccdd... c9a5bf9... M net/9p/client.c
> :100644 100644 fdebe43... 5251851... M net/9p/error.c
> net/9p/client.c | 7 +------
> net/9p/error.c | 2 +-
> 2 files changed, 2 insertions(+), 7 deletions(-)
>
> diff --git a/net/9p/client.c b/net/9p/client.c
> index 787ccdd..c9a5bf9 100644
> --- a/net/9p/client.c
> +++ b/net/9p/client.c
> @@ -411,14 +411,9 @@ static int p9_check_errors(struct p9_client *c, struct p9_req_t *req)
> if (c->dotu)
> err = -ecode;
>
> - if (!err) {
> + if (!err || !IS_ERR_VALUE(err))
> err = p9_errstr2errno(ename, strlen(ename));
>
> - /* string match failed */
> - if (!err)
> - err = -ESERVERFAULT;
> - }
> -
> P9_DPRINTK(P9_DEBUG_9P, "<<< RERROR (%d) %s\n", -ecode, ename);
>
> kfree(ename);
> diff --git a/net/9p/error.c b/net/9p/error.c
> index fdebe43..5251851 100644
> --- a/net/9p/error.c
> +++ b/net/9p/error.c
> @@ -239,7 +239,7 @@ int p9_errstr2errno(char *errstr, int len)
> errstr[len] = 0;
> printk(KERN_ERR "%s: server reported unknown error %s\n",
> __func__, errstr);
> - errno = 1;
> + errno = ESERVERFAULT;
> }
>
> return -errno;
> --
> 1.6.0.4
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists