lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190326.124646.505432518345625779.davem@davemloft.net>
Date:   Tue, 26 Mar 2019 12:46:46 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     mkubecek@...e.cz
Cc:     netdev@...r.kernel.org, jakub.kicinski@...ronome.com,
        jiri@...nulli.us, andrew@...n.ch, f.fainelli@...il.com,
        linville@...driver.com, stephen@...workplumber.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v5 01/22] rtnetlink: provide permanent
 hardware address in RTM_NEWLINK

From: Michal Kubecek <mkubecek@...e.cz>
Date: Mon, 25 Mar 2019 18:07:57 +0100 (CET)

> @@ -1683,6 +1684,8 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb,
>  	    nla_put_s32(skb, IFLA_NEW_IFINDEX, new_ifindex) < 0)
>  		goto nla_put_failure;
>  
> +	if (nla_put(skb, IFLA_PERM_ADDRESS, dev->addr_len, dev->perm_addr))
> +		goto nla_put_failure;
>  
>  	rcu_read_lock();
>  	if (rtnl_fill_link_af(skb, dev, ext_filter_mask))

I guess, as Jiri says, we really do have to check if the driver
actually set this before pushing the attribute out to userspace.

But seriously, you chould just check for dev_addr_len zeros.

All zeros is not a valid link address on any link type.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ