[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKU6vyY3WjVwTK5Tcp2W93DefjJMreZjhtudNHBALns=6bK9Jw@mail.gmail.com>
Date: Wed, 23 Nov 2011 09:04:11 -0500
From: Xi Wang <xi.wang@...il.com>
To: Alan Cox <alan@...rguk.ukuu.org.uk>
Cc: linux-kernel@...r.kernel.org, Joerg Reuter <jreuter@...na.de>,
Ralf Baechle <ralf@...ux-mips.org>,
David Miller <davem@...emloft.net>, linux-hams@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH 1/2] ax25: integer overflows in ax25_setsockopt()
All these magic numbers come from net/ax25/sysctl_net_ax25.c, where
min/max values of each field are set for sysctl. Is it okay to use
them?
- xi
On Wed, Nov 23, 2011 at 5:44 AM, Alan Cox <alan@...rguk.ukuu.org.uk> wrote:
>> case AX25_T1:
>> - if (opt < 1) {
>> + if (opt < 1 || opt > 30) {
>
> Where do these values come from ? If they are from some 'standard' then
> really we should avoid restricting needlessly to it, particularly as
> AX.25 isn't well defined and is used for all sorts of crazy stuff where
> the usual range of settings isn't useful.
>
> Restricting to the point it would overflow makes sense however.
>
> Alan
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists