Date:	Wed, 10 Oct 2007 16:33:47 -0700
From:	Stephen Hemminger <shemminger@...ux-foundation.org>
To:	David Miller <davem@...emloft.net>
Cc:	brian.haley@...com, den@...nvz.org, aarapov@...hat.com,
	netdev@...r.kernel.org
Subject: Re: [RFC] more robust inet range checking

On Wed, 10 Oct 2007 16:31:08 -0700 (PDT)
David Miller <davem@...emloft.net> wrote:

> From: Brian Haley <brian.haley@...com>
> Date: Wed, 10 Oct 2007 15:24:20 -0400
> 
> > Stephen Hemminger wrote:
> > > --- a/net/ipv4/udp.c	2007-10-10 08:27:00.000000000 -0700
> > > +++ b/net/ipv4/udp.c	2007-10-10 09:44:35.000000000 -0700
> > > @@ -147,13 +147,13 @@ int __udp_lib_get_port(struct sock *sk, 
> > >  	write_lock_bh(&udp_hash_lock);
> > >  
> > >  	if (!snum) {
> > > -		int i;
> > > -		int low = sysctl_local_port_range[0];
> > > -		int high = sysctl_local_port_range[1];
> > > +		int i, range[2];
> > >  		unsigned rover, best, best_size_so_far;
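Review bot: `int i, range[2];` is signed, while `rover`, `best` and `best_size_so_far` on the following line stay `unsigned`, so any comparison or arithmetic that combines the range bounds with the rover goes through implicit signed-to-unsigned conversion. Give them one consistent signedness. The code that fills `range[]` is outside this hunk, so also confirm it guarantees low <= high before the bounds are used, given that the thread cites a potential divide by zero as the reason for the change.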
> > 
> > Should these be signed ints?  They're the only ones that are unsigned, 
> > but I don't know why.
> 
> They have just been hacked inconsistently over the years,
> that's the only reason these types are like that.
> 
> > > --- a/net/sctp/protocol.c	2007-10-10 08:27:00.000000000 -0700
> > > +++ b/net/sctp/protocol.c	2007-10-10 09:58:21.000000000 -0700
> > > @@ -1173,7 +1173,6 @@ SCTP_STATIC __init int sctp_init(void)
> > >  	}
> > >  
> > >  	spin_lock_init(&sctp_port_alloc_lock);
> > > -	sctp_port_rover = sysctl_local_port_range[0] - 1;
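Review bot: with the `sctp_port_rover` initialization dropped, the context line `spin_lock_init(&sctp_port_alloc_lock);` directly above it still initializes a lock whose only visible neighbour here was the rover. If nothing else takes that lock, remove the `spin_lock_init()` call together with the lock and rover definitions in the same patch so no dead state is left behind; if something else does, add a comment stating what the lock now protects.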
> > 
> > I think you can remove the port_rover definition in sctp/structs.h and 
> > also the lock that protects it.  Patch below for that which can be 
> > applied on-top of yours.
> > 
> > -Brian
> > 
> > 
> > Remove SCTP port_rover and port_alloc_lock as they're no longer required.
> > 
> > Signed-off-by: Brian Haley <brian.haley@...com>
> 
> I like this range checking change, someone please resubmit with
> Brian's nits and this SCTP cleanup integrated on top.
> 
> I'll probably submit this to stable since it fixes the potential
> divide by zero, so test whatever you post :-)
> 
> Thanks!

I split them into two patches: 1 is the SCTP stuff, 2 is the range stuff.
Retesting tonight.


-- 
Stephen Hemminger <shemminger@...ux-foundation.org>