| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20080503.163202.48704621.davem@davemloft.net>
Date: Sat, 03 May 2008 16:32:02 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: johannes@...solutions.net
Cc: herbert@...dor.apana.org.au, mb@...sch.de, netdev@...r.kernel.org,
linux-wireless@...r.kernel.org
Subject: Re: mac80211 truesize bugs
From: Johannes Berg <johannes@...solutions.net>
Date: Sun, 04 May 2008 01:24:48 +0200
>
> > > @@ -699,6 +699,12 @@ int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail,
> > > if (skb_shared(skb))
> > > BUG();
> > >
> > > + if (unlikely((nhead || ntail) && skb->sk)) {
> > > + printk(KERN_ERR "SKB BUG: Illegal pskb expand (%d:%d) "
> > > + "with socket attached\n",
> > > + nhead, ntail);
> > > + }
> > > +
> > > size = SKB_DATA_ALIGN(size);
> >
> > Ok I think I'm starting to understand this a little better. However,
> > shouldn't this function update skb->truesize so if the skb is later
> > attached to a different socket again it has the right size?
>
> Judging from some of the callers, the caller should. Why?!
Relax :-)
We certainly could check that there is no socket attached here,
and make the truesize adjustment right at this spot.
It just never happened before in practice in a way that matters.
That's why we have the truesize assertion, to discover situations
like this and thus be able to fix it.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists