lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20110606.222416.1114593259198630297.davem@davemloft.net>
Date:	Mon, 06 Jun 2011 22:24:16 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	eric.dumazet@...il.com
Cc:	netdev@...r.kernel.org, kaber@...sh.net
Subject: Re: [PATCH] af_packet: prevent information leak

From: Eric Dumazet <eric.dumazet@...il.com>
Date: Tue, 07 Jun 2011 07:02:19 +0200

> In 2.6.27, commit 393e52e33c6c2 (packet: deliver VLAN TCI to userspace)
> added a small information leak.
> 
> Add padding field and make sure its zeroed before copy to user.
> 
> Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
> CC: Patrick McHardy <kaber@...sh.net>

I fear this will change the size of these structures on some weird
architecture.  Doesn't ARM, for example, have weird rules
wrt. alignment and structure sizing when "smaller than word" elements
are involved?

That's why we need __packed on:

struct nd_opt_hdr {
	__u8		nd_opt_type;
	__u8		nd_opt_len;
} __packed;

for example.

Probably safe to just do a memset of the tail, and the constant length
will evaluate to zero on these weird platforms.  On others, where the
padding does matter, the memset will emit the same code as your new
assignments do.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ