lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Wed, 14 Jul 2010 17:56:45 -0700 (PDT)
From:	David Miller <>
Subject: Re: [patch] net/sched: potential data corruption

From: jamal <>
Date: Tue, 13 Jul 2010 11:58:14 -0400

> On Tue, 2010-07-13 at 15:21 +0200, Dan Carpenter wrote:
>> The reset_policy() does:
>>         memset(d->tcfd_defdata, 0, SIMP_MAX_DATA);
>>         strlcpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);
>> In the original code, the size of d->tcfd_defdata wasn't fixed and if
>> strlen(defdata) was less than 31, reset_policy() would cause memory
>> corruption.
>> Please Note:  The original alloc_defdata() assumes defdata is 32
>> characters and a NUL terminator while reset_policy() assumes defdata is
>> 31 characters and a NUL.  This patch updates alloc_defdata() to match
>> reset_policy() (ie a shorter string).  I'm not very familiar with this
>> code so please review carefully.
>> Signed-off-by: Dan Carpenter <>
> Acked-by: Jamal Hadi Salim <>

Applied, thanks.
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists