lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <483A6929.6060905@openvz.org>
Date:	Mon, 26 May 2008 11:39:21 +0400
From:	Pavel Emelyanov <xemul@...nvz.org>
To:	Stephen Hemminger <stephen.hemminger@...tta.com>
CC:	"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH] devinet: sysctl setup off by one

Stephen Hemminger wrote:
> It look like the code to setup /proc/sys/net/ipv4/conf/XXX has an off by one bug
> that causes the last entry (arp_accept) not to be adjusted properly.  This causes
> changes to the value to occur in the default namespace not the clone? Don't use
> network namespaces myself, but this looks like a bug.
> 
> Signed-off-by: Stephen Hemminger <shemminger@...tta.com>
> 
> --- a/net/ipv4/devinet.c	2008-05-23 15:23:19.000000000 -0700
> +++ b/net/ipv4/devinet.c	2008-05-23 15:29:17.000000000 -0700
> @@ -1466,7 +1466,7 @@ static int __devinet_sysctl_register(str
>  	if (!t)
>  		goto out;
>  
> -	for (i = 0; i < ARRAY_SIZE(t->devinet_vars) - 1; i++) {
> +	for (i = 0; i < ARRAY_SIZE(t->devinet_vars); i++) {
>  		t->devinet_vars[i].data += (char *)p - (char *)&ipv4_devconf;
>  		t->devinet_vars[i].extra1 = p;
>  		t->devinet_vars[i].extra2 = net;
> 

This off-by-one is required, since the very last element of this array
is used as a sentinel, that shows sysctl engine when to stop processing 
the table.

Look, the sizeof(t->devinet_vars) is __NET_IPV4_CONF_MAX == 22, thus
entries 0, 1, ... 20 are tables and the 21-st is this sentinel, so the
initialization of this last entry, whose index is (this_sizeof() - 1),
is not required.

Thanks,
Pavel
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ