| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Mar 2022 14:42:29 -0800
From: Tadeusz Struk <tadeusz.struk@...aro.org>
To: Jakub Kicinski <kuba@...nel.org>
Cc: davem@...emloft.net,
Willem de Bruijn <willemdebruijn.kernel@...il.com>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
David Ahern <dsahern@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>, netdev@...r.kernel.org,
bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
stable@...r.kernel.org,
syzbot+e223cf47ec8ae183f2a0@...kaller.appspotmail.com
Subject: Re: [PATCH v2] net: ipv6: fix skb_over_panic in __ip6_append_data
On 3/10/22 14:30, Jakub Kicinski wrote:
>> +
>> + /*
>> + * Check if there is still room for payload
>> + */
> TBH I think the check is self-explanatory. Not worth a banner comment,
> for sure.
Ok
>
>> + if (fragheaderlen >= mtu) {
>> + err = -EMSGSIZE;
>> + kfree_skb(skb);
>> + goto error;
>> + }
> Not sure if Willem prefers this placement, but seems like we can lift
> this check out of the loop, as soon as fragheaderlen and mtu are known.
>
He said to check it before the skb_put() and so I did.
The fragheaderlen is known early, but mtu can be updated inside the loop
by ip6_append_data_mtu() so I'm not sure we can do the check before that.
--
Thanks,
Tadeusz
Powered by blists - more mailing lists