| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Nov 2020 15:20:06 -0500
From: <min.li.xe@...esas.com>
To: <richardcochran@...il.com>
CC: <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
Min Li <min.li.xe@...esas.com>
Subject: [PATCH v2 net] ptp: clockmatrix: bug fix for idtcm_strverscmp
From: Min Li <min.li.xe@...esas.com>
Feed kstrtou8 with NULL terminated string.
Changes since v1:
-Use strscpy instead of strncpy for safety.
Signed-off-by: Min Li <min.li.xe@...esas.com>
---
drivers/ptp/ptp_clockmatrix.c | 60 ++++++++++++++++++++++++++++++-------------
tools/bpf/example | 12 +++++++++
tools/bpf/novlan | 7 +++++
3 files changed, 61 insertions(+), 18 deletions(-)
create mode 100644 tools/bpf/example
create mode 100644 tools/bpf/novlan
diff --git a/drivers/ptp/ptp_clockmatrix.c b/drivers/ptp/ptp_clockmatrix.c
index e020faf..d4e434b 100644
--- a/drivers/ptp/ptp_clockmatrix.c
+++ b/drivers/ptp/ptp_clockmatrix.c
@@ -103,42 +103,66 @@ static int timespec_to_char_array(struct timespec64 const *ts,
return 0;
}
-static int idtcm_strverscmp(const char *ver1, const char *ver2)
+static int idtcm_strverscmp(const char *version1, const char *version2)
{
u8 num1;
u8 num2;
int result = 0;
+ char ver1[16];
+ char ver2[16];
+ char *cur1;
+ char *cur2;
+ char *next1;
+ char *next2;
+
+ if (strscpy(ver1, version1, 16) < 0 ||
+ strscpy(ver2, version2, 16) < 0)
+ return -1;
+ cur1 = ver1;
+ cur2 = ver2;
/* loop through each level of the version string */
while (result == 0) {
+ next1 = strchr(cur1, '.');
+ next2 = strchr(cur2, '.');
+
+ /* kstrtou8 could fail for dot */
+ if (next1) {
+ *next1 = '\0';
+ next1++;
+ }
+
+ if (next2) {
+ *next2 = '\0';
+ next2++;
+ }
+
/* extract leading version numbers */
- if (kstrtou8(ver1, 10, &num1) < 0)
+ if (kstrtou8(cur1, 10, &num1) < 0)
return -1;
- if (kstrtou8(ver2, 10, &num2) < 0)
+ if (kstrtou8(cur2, 10, &num2) < 0)
return -1;
/* if numbers differ, then set the result */
if (num1 < num2)
+ return -1;
+ if (num1 > num2)
+ return 1;
+
+ /* if numbers are the same, go to next level */
+ if (!next1 && !next2)
+ break;
+ else if (!next1) {
result = -1;
- else if (num1 > num2)
+ } else if (!next2) {
result = 1;
- else {
- /* if numbers are the same, go to next level */
- ver1 = strchr(ver1, '.');
- ver2 = strchr(ver2, '.');
- if (!ver1 && !ver2)
- break;
- else if (!ver1)
- result = -1;
- else if (!ver2)
- result = 1;
- else {
- ver1++;
- ver2++;
- }
+ } else {
+ cur1 = next1;
+ cur2 = next2;
}
}
+
return result;
}
diff --git a/tools/bpf/example b/tools/bpf/example
new file mode 100644
index 0000000..a0ac81f
--- /dev/null
+++ b/tools/bpf/example
@@ -0,0 +1,12 @@
+ ldh [12]
+ jne #0x8100, nonvlan
+ ldh [16]
+ jne #0x88f7, bad
+ ldb [18]
+ ja test
+ nonvlan: jne #0x88f7, bad
+ ldb [14]
+ test: and #0x8
+ jeq #0, bad
+ good: ret #1500
+ bad: ret #0
diff --git a/tools/bpf/novlan b/tools/bpf/novlan
new file mode 100644
index 0000000..fe35288
--- /dev/null
+++ b/tools/bpf/novlan
@@ -0,0 +1,7 @@
+ ldh [12]
+ jne #0x88f7, bad
+ ldb [14]
+ and #0x8
+ jeq #0, bad
+ good: ret #1500
+ bad: ret #0
--
2.7.4
Powered by blists - more mailing lists