| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Mar 2021 18:37:21 +0200
From: Olaf Hering <olaf@...fle.de>
To: "Andrea Parri (Microsoft)" <parri.andrea@...il.com>
Cc: linux-kernel@...r.kernel.org, linux-hyperv@...r.kernel.org,
"K . Y . Srinivasan" <kys@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
Stephen Hemminger <sthemmin@...rosoft.com>,
Wei Liu <wei.liu@...nel.org>, Dexuan Cui <decui@...rosoft.com>,
Michael Kelley <mikelley@...rosoft.com>,
Saruhan Karademir <skarade@...rosoft.com>,
Juan Vazquez <juvazq@...rosoft.com>,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
"Martin K. Petersen" <martin.petersen@...cle.com>,
linux-scsi@...r.kernel.org
Subject: Re: [PATCH 3/3] scsi: storvsc: Validate length of incoming packet in
storvsc_on_channel_callback()
On Thu, Dec 17, Andrea Parri (Microsoft) wrote:
> Check that the packet is of the expected size at least, don't copy data
> past the packet.
> + if (hv_pkt_datalen(desc) < sizeof(struct vstor_packet) -
> + stor_device->vmscsi_size_delta) {
> + dev_err(&device->device, "Invalid packet len\n");
> + continue;
> + }
> +
Sorry for being late:
It might be just cosmetic, but should this check be done prior the call to vmbus_request_addr()?
Unrelated: my copy of vmbus_request_addr() can return 0, which is apparently not handled by this loop in storvsc_on_channel_callback().
Olaf
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists