| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <59FB9DAA.702@iogearbox.net>
Date: Thu, 02 Nov 2017 23:35:22 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: Arnd Bergmann <arnd@...db.de>, Alexei Starovoitov <ast@...nel.org>
CC: "David S. Miller" <davem@...emloft.net>,
Edward Cree <ecree@...arflare.com>,
John Fastabend <john.fastabend@...il.com>,
Jakub Kicinski <jakub.kicinski@...ronome.com>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning
in bpf_check
On 11/02/2017 12:05 PM, Arnd Bergmann wrote:
> The bpf_verifer_ops array is generated dynamically and may be
> empty depending on configuration, which then causes an out
> of bounds access:
>
> kernel/bpf/verifier.c: In function 'bpf_check':
> kernel/bpf/verifier.c:4320:29: error: array subscript is above array bounds [-Werror=array-bounds]
>
> This adds a check to the start of the function as a workaround.
> I would assume that the function is never called in that configuration,
> so the warning is probably harmless.
>
> Fixes: 00176a34d9e2 ("bpf: remove the verifier ops from program structure")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Acked-by: Daniel Borkmann <daniel@...earbox.net>
LGTM, and bpf_analyzer() already has proper logic to bail out for
such cases (although only used by nfp right now, which is there
when NET is configured anyway).
Powered by blists - more mailing lists