| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 4 Jun 2018 20:25:09 +0200
From: Simon Horman <simon.horman@...ronome.com>
To: nixiaoming <nixiaoming@...wei.com>
Cc: davem@...emloft.net, dhowells@...hat.com, manuel.schoelling@....de,
wang840925@...il.com, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH] net/dns_resolver: dns_query Modify parameter checking to
avoid dead code
On Mon, Jun 04, 2018 at 02:40:31PM +0800, nixiaoming wrote:
> After commit 1a4240f4764a ("DNS: Separate out CIFS DNS Resolver code")
> a dead code exists in function dns_query
>
> code show as below:
> if (!name || namelen == 0)
> return -EINVAL;
> /*Now the value of "namelen" cannot be equal to 0*/
> ....
> if (!namelen) /*The condition "!namelen"" cannot be true*/
> namelen = strnlen(name, 256); /*deadcode*/
>
> Modify parameter checking to avoid dead code
>
> Signed-off-by: nixiaoming <nixiaoming@...wei.com>
> ---
> net/dns_resolver/dns_query.c | 8 +++-----
> 1 file changed, 3 insertions(+), 5 deletions(-)
>
> diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
> index 49da670..f2acee2 100644
> --- a/net/dns_resolver/dns_query.c
> +++ b/net/dns_resolver/dns_query.c
> @@ -81,7 +81,9 @@ int dns_query(const char *type, const char *name, size_t namelen,
> kenter("%s,%*.*s,%zu,%s",
> type, (int)namelen, (int)namelen, name, namelen, options);
>
> - if (!name || namelen == 0)
> + if (!name || namelen < 3 || namelen > 255)
> + return -EINVAL;
> + if (namelen > strnlen(name, 256)) /*maybe only need part of name*/
The line above seems to change the behaviour of this function.
I think it and the previous line can be dropped.
> return -EINVAL;
>
> /* construct the query key description as "[<type>:]<name>" */
> @@ -94,10 +96,6 @@ int dns_query(const char *type, const char *name, size_t namelen,
> desclen += typelen + 1;
> }
>
> - if (!namelen)
> - namelen = strnlen(name, 256);
> - if (namelen < 3 || namelen > 255)
> - return -EINVAL;
> desclen += namelen + 1;
I think the initialisation of desclen can be changed
to include namelen + 1 without changing the behaviour of this function.
>
> desc = kmalloc(desclen, GFP_KERNEL);
> --
> 2.10.1
>
Powered by blists - more mailing lists