lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1291797193.2883.28.camel@edumazet-laptop>
Date:	Wed, 08 Dec 2010 09:33:13 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Martin Steigerwald <Martin@...htvoll.de>
Cc:	Ben Hutchings <bhutchings@...arflare.com>,
	David Miller <davem@...emloft.net>,
	netdev <netdev@...r.kernel.org>
Subject: Re: [PATCH] tcp: avoid a possible divide by zero

Le mercredi 08 décembre 2010 à 09:23 +0100, Martin Steigerwald a écrit :

> Are there so many sysctls which are likely to freeze the kernel when fed 
> with wrong value? Once could argue for sysctls where invalid values don't 
> cause any serious harm, its not so important to fix it. I probably could 
> have next weeks training members a go at poking creative values in other 
> controls as well to see what happens.
> 

We have many sysctls that can lead to non working machine.

Any kind of limits actually. Just set them to 0 (or maybe a negative
number :( )

0 socket, 0 file descriptor, 0 memory, 0 speed limit, 0 lengthes ...



> So this patch helps other cases as well? Or is it, as I think just a 
> different approach, to fix the issue my training member brought up, by its 
> cause instead of or additional to limiting its range?
> 
> Want to check whether I basically understood the patch. Do you want me to 
> test it? 

It has nothing to do with the issue you raised, and is a completely
different subject. I got it while spending 5 minutes yesterday night
grep-ing some sysctls in network tree. 0 value is one of expected value
for this sysctl, but the test was not safe.



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ