| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Jun 2011 22:24:16 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: eric.dumazet@...il.com
Cc: netdev@...r.kernel.org, kaber@...sh.net
Subject: Re: [PATCH] af_packet: prevent information leak
From: Eric Dumazet <eric.dumazet@...il.com>
Date: Tue, 07 Jun 2011 07:02:19 +0200
> In 2.6.27, commit 393e52e33c6c2 (packet: deliver VLAN TCI to userspace)
> added a small information leak.
>
> Add padding field and make sure its zeroed before copy to user.
>
> Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
> CC: Patrick McHardy <kaber@...sh.net>
I fear this will change the size of these structures on some weird
architecture. Doesn't ARM, for example, have weird rules
wrt. alignment and structure sizing when "smaller than word" elements
are involved?
That's why we need __packed on:
struct nd_opt_hdr {
__u8 nd_opt_type;
__u8 nd_opt_len;
} __packed;
for example.
Probably safe to just do a memset of the tail, and the constant length
will evaluate to zero on these weird platforms. On others, where the
padding does matter, the memset will emit the same code as your new
assignments do.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists