| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141201123007.GB7949@1wt.eu>
Date: Mon, 1 Dec 2014 13:30:07 +0100
From: Willy Tarreau <w@....eu>
To: Luis Henriques <luis.henriques@...onical.com>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Hannes Frederic Sowa <hannes@...essinduktion.org>,
Eric Dumazet <edumazet@...gle.com>,
Andrey Ryabinin <a.ryabinin@...sung.com>,
"David S. Miller" <davem@...emloft.net>
Subject: Re: [ 22/48] net: sendmsg: fix NULL pointer dereference
Hi Luis,
On Mon, Dec 01, 2014 at 11:45:22AM +0000, Luis Henriques wrote:
> > diff --git a/net/compat.c b/net/compat.c
> > index e9672c8..71ed839 100644
> > --- a/net/compat.c
> > +++ b/net/compat.c
> > @@ -83,7 +83,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov,
> > {
> > int tot_len;
> >
> > - if (kern_msg->msg_namelen) {
> > + if (kern_msg->msg_namelen && kern_msg->msg_namelen) {
>
> I know my review is already too late for the release,
No problem, there's no deadline for reporting bugs :-)
> but the above
> line isn't correct -- it's checking msg_namelen twice, instead of
> checking msg_name as well:
>
> if (kern_msg->msg_name && kern_msg->msg_namelen)
Woops! I must have failed it by myself while doing it by hand :-(
Queuing the fix now, thank s for reporting!
Willy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists