| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Jul 2012 07:01:54 -0400 From: Neil Horman <nhorman@...driver.com> To: Eric Dumazet <eric.dumazet@...il.com> Cc: David Miller <davem@...emloft.net>, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, lizefan@...wei.com, tj@...nel.org, Gao feng <gaofeng@...fujitsu.com> Subject: Re: [PATCH] net: cgroup: fix out of bounds accesses On Mon, Jul 09, 2012 at 09:45:10AM +0200, Eric Dumazet wrote: > From: Eric Dumazet <edumazet@...gle.com> > > dev->priomap is allocated by extend_netdev_table() called from > update_netdev_tables(). > And this is only called if write_priomap() is called. > > But if write_priomap() is not called, it seems we can have out of bounds > accesses in cgrp_destroy(), read_priomap() & skb_update_prio() > > With help from Gao Feng > > Signed-off-by: Eric Dumazet <edumazet@...gle.com> > Cc: Neil Horman <nhorman@...driver.com> > Cc: Gao feng <gaofeng@...fujitsu.com> > --- > net/core/dev.c | 8 ++++++-- > net/core/netprio_cgroup.c | 4 ++-- > 2 files changed, 8 insertions(+), 4 deletions(-) > Thank you for doing this Eric, Gao. Just to be sure (I asked in the previous thread), would it be better to avoid the length check in skb_update_prio, and instead update the netdev tables to be long enough in cgrp_create and in netprio_device_event on device registration? Neil -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists