| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20110207.134240.260080815.davem@davemloft.net> Date: Mon, 07 Feb 2011 13:42:40 -0800 (PST) From: David Miller <davem@...emloft.net> To: andrew.hendry@...il.com Cc: apw@...onical.com, john@...va.com, linux-x25@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, tim.gardner@...onical.com Subject: Re: x25: possible skb leak on bad facilities From: Andrew Hendry <andrew.hendry@...il.com> Date: Mon, 07 Feb 2011 21:08:15 +1100 > > Originally x25_parse_facilities returned > -1 for an error > 0 meaning 0 length facilities >>0 the length of the facilities parsed. > > 5ef41308f94dc introduced more error checking in x25_parse_facilities > however used 0 to indicate bad parsing > a6331d6f9a429 followed this further for DTE facilities, again using 0 for bad parsing. > > The meaning of 0 got confused in the callers. > If the facilities are messed up we can't determine where the data starts. > So patch makes all parsing errors return -1 and ensures callers close and don't use the skb further. > > Reported-by: Andy Whitcroft <apw@...onical.com> > Signed-off-by: Andrew Hendry <andrew.hendry@...il.com> Please reference the commit header line text when referring to SHA1 IDs, because when backporting to other GIT trees the SHA1 IDs might be different. I took care of this when applying your patch, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists