lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 25 Jan 2007 16:22:20 +0300
From:	Alexey Kuznetsov <kuznet@....inr.ac.ru>
To:	David Miller <davem@...emloft.net>
Cc:	raivis@...lv, netdev@...r.kernel.org, waltje@...lt.NL.Mugnet.ORG,
	gw4pts@...pts.ampr.org, dim@...nvz.org
Subject: Re: [BUG] problem with BPF in PF_PACKET sockets, introduced in linux-2.6.19

Hello!

> So this whole idea to make run_filter() return signed integers
> and fail on negative is entirely flawed, it simply cannot work
> and retain the expected semantics which have been there forever.

Actually, it can. Return value was used only as sign of error,
so that the mistake was to return original unsigned result casted to int.

Alternative fix is enclosed. To be honest, it is not better than
yours: duplication of couple lines of code against passing return
value by pointer.

Alexey


diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index da73e8a..51e5537 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -437,11 +437,13 @@ static inline int run_filter(struct sk_b
 	rcu_read_lock_bh();
 	filter = rcu_dereference(sk->sk_filter);
 	if (filter != NULL) {
-		err = sk_run_filter(skb, filter->insns, filter->len);
-		if (!err)
+		unsigned int res;
+
+		res = sk_run_filter(skb, filter->insns, filter->len);
+		if (!res)
 			err = -EPERM;
-		else if (*snaplen > err)
-			*snaplen = err;
+		else if (*snaplen > res)
+			*snaplen = res;
 	}
 	rcu_read_unlock_bh();
 
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists