[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <12F4112206976147A34FEC0277597CCF27A4164C1A@XCH-NW-15V.nw.nos.boeing.com>
Date: Mon, 12 Oct 2009 16:29:53 -0700
From: "Templin, Fred L" <Fred.L.Templin@...ing.com>
To: Greg KH <greg@...ah.com>, David Miller <davem@...emloft.net>
CC: "contact@...chahlusiak.de" <contact@...chahlusiak.de>,
"yoshfuji@...ux-ipv6.org" <yoshfuji@...ux-ipv6.org>,
"gregkh@...e.de" <gregkh@...e.de>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"stable@...nel.org" <stable@...nel.org>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
"torvalds@...ux-foundation.org" <torvalds@...ux-foundation.org>,
"stable-review@...nel.org" <stable-review@...nel.org>,
"alan@...rguk.ukuu.org.uk" <alan@...rguk.ukuu.org.uk>
Subject: RE: [stable] [patch 37/37] sit: fix off-by-one
inipip6_tunnel_get_prl
Greg,
> -----Original Message-----
> From: Greg KH [mailto:greg@...ah.com]
> Sent: Monday, October 12, 2009 3:05 PM
> To: David Miller
> Cc: Templin, Fred L; contact@...chahlusiak.de; yoshfuji@...ux-ipv6.org; gregkh@...e.de; linux-
> kernel@...r.kernel.org; stable@...nel.org; akpm@...ux-foundation.org; torvalds@...ux-foundation.org;
> stable-review@...nel.org; alan@...rguk.ukuu.org.uk
> Subject: Re: [stable] [patch 37/37] sit: fix off-by-one inipip6_tunnel_get_prl
>
> On Fri, Oct 09, 2009 at 08:42:31PM -0700, David Miller wrote:
> > From: "Templin, Fred L" <Fred.L.Templin@...ing.com>
> > Date: Fri, 9 Oct 2009 17:34:49 -0700
> >
> > > Wait a moment - I remember now that this code came
> > > from Yoshifuji, and I believe there was a reason for
> > > the cmax+1. The application is expected to know this
> > > and to post a large enough buffer.
> > >
> > > Can we put this on hold until I have had a chance to
> > > check my e-mail archives and my local iproute changes
> > > (will respond on monday)?
> >
> > Sure, we can keep it out of -stable for now.
> >
> > But it is in Linus's tree so if you find we shouldn't do this
> > you'll need to send me a revert for net-2.6
> >
> > Otherwise if it's good, you'll have to remind me to resubmit
> > it to -stable.
>
> Ah crap, I just commited it.
>
> Is it really broken? If so, I'll go revert it and cut a new release.
>
> Sorry about this.
As I just mentioned to David, I tested and the patch is
good. To test, I allocated a buffer in the application
that was too small to hold the entire PRL. Without the
patch, the system crashes. With the patch, the kernel
returns the maximum number of PRL entries without
crashing and without overrunning the application's buffer.
Please apply the patch if you have not already done so.
Fred
fred.l.templin@...ing.com
> greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists