| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 May 2024 16:26:19 +0300 From: Dan Carpenter <dan.carpenter@...aro.org> To: Chuck Lever <chuck.lever@...cle.com> Cc: Jeff Layton <jlayton@...nel.org>, Neil Brown <neilb@...e.de>, Olga Kornievskaia <kolga@...app.com>, Dai Ngo <Dai.Ngo@...cle.com>, Tom Talpey <tom@...pey.com>, linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: Re: [PATCH 2/2] NFSD: harden svcxdr_dupstr() and svcxdr_tmpalloc() against integer overflows On Thu, May 09, 2024 at 09:19:48AM -0400, Chuck Lever wrote: > On Thu, May 09, 2024 at 01:48:28PM +0300, Dan Carpenter wrote: > > These lengths come from xdr_stream_decode_u32() and so we should be a > > bit careful with them. Use size_add() and struct_size() to avoid > > integer overflows. Saving size_add()/struct_size() results to a u32 is > > unsafe because it truncates away the high bits. > > > > Also generally storing sizes in longs is safer. Most systems these days > > use 64 bit CPUs. It's harder for an addition to overflow 64 bits than > > it is to overflow 32 bits. Also functions like vmalloc() can > > successfully allocate UINT_MAX bytes, but nothing can allocate ULONG_MAX > > bytes. > > > > Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org> > > --- > > I think my patch 1 fixes any real issues. It's hard to assign a Fixes > > tag to this. > > I agree that this is a defensive change only. As it is late in the > cycle and this doesn't seem urgent, I would prefer to queue this > change for v6.11. > Sounds good. I would imagine that eventually it will make its way back to the stable kernels but it's not a rush. regards, dan carpenter
Powered by blists - more mailing lists