| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Feb 2011 17:16:00 +0200
From: Alexey Dobriyan <adobriyan@...il.com>
To: Vasiliy Kulikov <segoon@...nwall.com>
Cc: linux-kernel@...r.kernel.org,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <eric.dumazet@...il.com>,
Tom Herbert <therbert@...gle.com>,
Changli Gao <xiaosuo@...il.com>,
Jesse Gross <jesse@...ira.com>, netdev@...r.kernel.org
Subject: Re: [PATCH v2] core: dev: don't call BUG() on bad input
On Mon, Feb 14, 2011 at 4:42 PM, Vasiliy Kulikov <segoon@...nwall.com> wrote:
> alloc_netdev() may be called with too long name (more that IFNAMSIZ bytes).
> Currently this leads to BUG(). Other insane inputs (bad txqs, rxqs) and
> even OOM don't lead to BUG(). Made alloc_netdev() return NULL, like on
> other errors.
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -5761,7 +5761,10 @@ struct net_device *alloc_netdev_mqs(int sizeof_priv, const char *name,
> size_t alloc_size;
> struct net_device *p;
>
> - BUG_ON(strlen(name) >= sizeof(dev->name));
> + if (strnlen(name, sizeof(dev->name)) >= sizeof(dev->name)) {
> + pr_err("alloc_netdev: Too long device name\n");
> + return NULL;
> + }
Netdevice name isn't some random junk you get from userspace, so BUG is fine.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists