| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Nov 2017 17:51:36 +0100
From: Lukasz Odzioba <lukasz.odzioba@...el.com>
To: herbert@...dor.apana.org.au, linux-kernel@...r.kernel.org
Cc: lukasz.odzioba@...el.com
Subject: RE: [2/4] crypto: af_alg - Allow arbitrarily long algorithm names" email-alg_bind.txt
Hi,
I found this patch by accident and it got my attention.
I think we can't make this name arbitrarily long because bind syscall checks addrlen before feeding protocol with it.
Current limit on my machine is 128 bytes and I can't even reach alg_bind() function if I specify more than that.
We may want to revert that.
net/socket.c:
SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
{
struct socket *sock;
struct sockaddr_storage address;
int err, fput_needed;
sock = sockfd_lookup_light(fd, &err, &fput_needed);
if (sock) {
err = move_addr_to_kernel(umyaddr, addrlen, (struct sockaddr *)&address);
(...snip...)
int move_addr_to_kernel(void __user *uaddr, int ulen, struct sockaddr_storage *kaddr)
{
if (ulen < 0 || ulen > sizeof(struct sockaddr_storage))
return -EINVAL;
Thanks,
Lukas
Powered by blists - more mailing lists