| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20081127.000748.248098977.davem@davemloft.net> Date: Thu, 27 Nov 2008 00:07:48 -0800 (PST) From: David Miller <davem@...emloft.net> To: mcarlson@...adcom.com Cc: mchan@...adcom.com, netdev@...r.kernel.org Subject: Re: [RFC] Validate ethtool autoneg before relaying From: "Matt Carlson" <mcarlson@...adcom.com> Date: Wed, 26 Nov 2008 15:44:06 -0800 > On Wed, Nov 26, 2008 at 03:28:12PM -0800, Michael Chan wrote: > > > > On Wed, 2008-11-26 at 14:17 -0800, Matt Carlson wrote: > > > diff --git a/net/core/ethtool.c b/net/core/ethtool.c > > > index 14ada53..6362f56 100644 > > > --- a/net/core/ethtool.c > > > +++ b/net/core/ethtool.c > > > @@ -164,6 +164,9 @@ static int ethtool_set_settings(struct net_device *dev, void __user *useraddr) > > > if (copy_from_user(&cmd, useraddr, sizeof(cmd))) > > > return -EFAULT; > > > > > > + if (cmd.autoneg != AUTONEG_ENABLE && cmd.autoneg != AUTONEG_DISABLE) > > > + return -EFAULT; > > > + > > > > Matt, you should return -EINVAL here instead. > > Yes. You are right. I'll fix this in a revised patch if everyone > decides this is an effort worth pursuing. I think this is a great idea, checking the validity in one spot. So please, submit a final version of these changes when you get a chance. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists