[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d02a90c5ca1475c27e06d3d592bac89ab17b37ea.camel@perches.com>
Date: Mon, 24 Jul 2023 20:59:53 -0700
From: Joe Perches <joe@...ches.com>
To: Jakub Kicinski <kuba@...nel.org>, Lin Ma <linma@....edu.cn>
Cc: jhs@...atatu.com, xiyou.wangcong@...il.com, jiri@...nulli.us,
davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net/sched: mqprio: Add length check for
TCA_MQPRIO_{MAX/MIN}_RATE64
On Mon, 2023-07-24 at 17:56 -0700, Jakub Kicinski wrote:
> On Tue, 25 Jul 2023 08:15:39 +0800 (GMT+08:00) Lin Ma wrote:
> > > > The nla_for_each_nested parsing in function mqprio_parse_nlattr() does
> > > > not check the length of the nested attribute. This can lead to an
> > > > out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
> > > > be viewed as 8 byte integer and passed to priv->max_rate/min_rate.
> > > >
> > > > This patch adds the check based on nla_len() when check the nla_type(),
> > > > which ensures that the length of these two attribute must equals
> > > > sizeof(u64).
> > >
> > > How do you run get_maintainer? You didn't CC the author of the code.
> >
> > That's weird, I just ran code below and send this patch to all 9 emails poped out.
> >
> > # ./scripts/get_maintainer.pl net/sched/sch_mqprio.c
>
> Joe, here's another case.
What do you think the "case" is here?
Do you think John Fastabend, who hasn't touched the file in 7+ years
should be cc'd? Why?
> Lin Ma, you need to run the script on the file generated by
> git format-patch, rather than the file path. That gives better
> coverage for keywords included in the commit message (especially
> the Fixes tag). Please rerun it on the patch and repost with
> the right CC list.
Powered by blists - more mailing lists