| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4AD66F84.2010703@gmail.com> Date: Wed, 14 Oct 2009 20:40:36 -0400 From: William Allen Simpson <william.allen.simpson@...il.com> To: "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: query: bnx2 and tg3 don't check tcp and/or ip header length validity? Michael Chan wrote: > The option length is needed by the hardware to segment a TSO packet into > proper MTU-sized packets. You'll get malformed packets if the TSO > header is bad. Setting it to zero perhaps can make these bad packets > more deterministic, but I don't know for sure. > Malformed packets are unlikely (I'll use unlikely() on the test), but I've seen a lot of unlikely things happen over the years. When I was concourse manager at Interop '91, a bad Portmaster build wouldn't pass packets through one kind of router (3com); but it passed through all the others! Turned out, *most* routers didn't check the IP version and IHL fields. Shocking! When we were designing IPv6 in '93, we had to use new IEEE numbers, etc. (instead of the IP version and IHL) to distinguish the new version. Otherwise, various printers crashed.... Unless there's a clearly documented check earlier in the code path (and there's nothing documented here), always re-check everything. (Also, never forget cosmic radiation....) Remember, from a driver developer's perspective, the hardware always fails. (And from a hardware viewpoint, the software is always bad.) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists