lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Apr 2017 18:27:04 +0200 From: Alexander Potapenko <glider@...gle.com> To: David Miller <davem@...emloft.net> Cc: Dmitriy Vyukov <dvyukov@...gle.com>, Kostya Serebryany <kcc@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, LKML <linux-kernel@...r.kernel.org>, Networking <netdev@...r.kernel.org> Subject: Re: [PATCH v2] net/packet: initialize val in packet_getsockopt() On Tue, Apr 25, 2017 at 5:44 PM, David Miller <davem@...emloft.net> wrote: > From: Alexander Potapenko <glider@...gle.com> > Date: Mon, 24 Apr 2017 14:59:14 +0200 > >> In the case getsockopt() is called with PACKET_HDRLEN and optlen < 4 >> |val| remains uninitialized and the syscall may behave differently >> depending on its value. This doesn't have security consequences (as the >> uninit bytes aren't copied back), but it's still cleaner to initialize >> |val| and ensure optlen is not less than sizeof(int). >> >> This bug has been detected with KMSAN. >> >> Signed-off-by: Alexander Potapenko <glider@...gle.com> >> --- >> v2: - if len < sizeof(int), make it 0 > > No, you should signal an error if the len is too small. According to manpages, only setsockopt() may return EINVAL. Is it ok to change the behavior of getsockopt() to return EINVAL in this case? (I.e. won't we break existing users that don't expect it?) > Returning zero bytes to userspace silently makes the user think that > he got the data he asked for. -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
Powered by blists - more mailing lists