| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20090922.133819.173686372.davem@davemloft.net>
Date: Tue, 22 Sep 2009 13:38:19 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: shanwei@...fujitsu.com
Cc: dfeng@...hat.com, kaber@...sh.net, yoshfuji@...ux-ipv6.org,
jmorris@...ei.org, pekkas@...core.fi, kuznet@....inr.ac.ru,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] ipv4: fix do_ip_setsockopt optlen check for
IP_MULTICAST_IF
From: Shan Wei <shanwei@...fujitsu.com>
Date: Thu, 17 Sep 2009 17:15:22 +0800
> Xiaotian Feng wrote, at 09/17/2009 01:19 PM:
>> Due to man page of setsockopt, if optlen is not valid, kernel should return
>> -EINVAL. But a simple testcase as following, errno is 0, which means setsockopt
>> is successful.
>>
>> addr.s_addr = inet_addr("192.1.2.3");
>> setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &addr, 1);
>> printf("errno is %d\n", errno);
>>
>> This patch fixes the optlen check part, with the patch, we got errno EINVAL.
>>
>
> I also think it's a bug, the freebsd also does the optlen check.
> But the style should be coincident with other option: firstly check the
> availability of optlen, then copy option value from user and deal with it.
>
> How about this one:
This definitely is better and cleaner, but please don't post such
things without proper signoffs and commit messages because now
I have to ask you to do that instead of me just applying your
patch :-/
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists