Message-ID: <507E6362.1080009@6wind.com>
Date:	Wed, 17 Oct 2012 09:50:58 +0200
From:	Nicolas Dichtel <nicolas.dichtel@...nd.com>
To:	Steffen Klassert <steffen.klassert@...unet.com>
CC:	herbert@...dor.apana.org.au, netdev@...r.kernel.org,
	davem@...emloft.net
Subject: Re: [PATCH] xfrm: use ISO C standard for array in linux/xfrm.h

On 17/10/2012 07:43, Steffen Klassert wrote:
> On Tue, Oct 16, 2012 at 05:42:33PM +0200, nicolas.dichtel@...nd.com wrote:
>> From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
>>
>> Use the ISO C standard compliant form instead of the gcc extension.
>>
>> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
>> ---
>>   include/uapi/linux/xfrm.h | 10 +++++-----
>>   1 file changed, 5 insertions(+), 5 deletions(-)
>>
>> diff --git a/include/uapi/linux/xfrm.h b/include/uapi/linux/xfrm.h
>> index 28e493b..6a6a605 100644
>> --- a/include/uapi/linux/xfrm.h
>> +++ b/include/uapi/linux/xfrm.h
>> @@ -30,7 +30,7 @@ struct xfrm_sec_ctx {
>>   	__u8	ctx_alg;
>>   	__u16	ctx_len;
>>   	__u32	ctx_sid;
>> -	char	ctx_str[0];
>> +	char	ctx_str[];
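Review bot: the commit message gives no reason for replacing `ctx_str[0]` with `ctx_str[]` in struct xfrm_sec_ctx beyond ISO C conformance, yet this is a header under include/uapi that userspace builds with its own toolchain. Please state the concrete build or runtime problem the change addresses and the compiler versions it was checked with, and say whether the other four changed lines counted in the diffstat are the same `[0]` to `[]` substitution.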
>
> Hm, what's the benefit of such a change? The kernel source is full
> of these foo[0] type arrays. I don't see a reason to change this
> just for xfrm.
>
We got a problem with "ip xfrm state add" when compiled with gcc 4.4.6.
Error was "*** buffer overflow detected ***: ip terminated", because when we try 
to copy the key in struct xfrm_algo, the function strncpy() calls some builtin 
checks about the size of the destination buffer, which is 0. With the standard 
notation, there is no problem.

With gcc 4.7.0, there is no problem; I don't know exactly which version of gcc 
triggers the problem.
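The failure described in this message, as an added example that is not part of the original thread or of the kernel or iproute2 sources: a simplified model of the destination-size check in a fortified copy, where a believed size of 0 stands for a `[0]` member taken literally and `SIZE_MAX` stands for "size unknown", as with a `[]` member. `struct demo_algo`, `model_checked_copy` and `demo_algo_new` are hypothetical names, and the sample keys are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a uapi struct ending in a variable-length key. */
struct demo_algo {
    unsigned int key_len;   /* key length in bytes */
    char key[];             /* ISO C99 flexible array member */
};

/* Simplified model of a fortified copy. believed_size is what the compiler
 * thinks the destination holds; SIZE_MAX means "unknown", so no check runs.
 * Returns 0 on success, -1 where the real check would abort the process. */
static int model_checked_copy(char *dst, size_t believed_size,
                              const char *src, size_t n)
{
    if (believed_size != SIZE_MAX && n > believed_size)
        return -1;          /* "*** buffer overflow detected ***" */
    memcpy(dst, src, n);
    return 0;
}

/* With a flexible array member the compiler cannot bound the copy, so the
 * caller's own length check and allocation size are the only guard. */
static struct demo_algo *demo_algo_new(const char *key, size_t key_len,
                                       size_t max_key_len)
{
    if (key_len > max_key_len || key_len > SIZE_MAX - sizeof(struct demo_algo))
        return NULL;
    struct demo_algo *a = malloc(sizeof(*a) + key_len);
    if (!a)
        return NULL;
    a->key_len = (unsigned int)key_len;
    memcpy(a->key, key, key_len);   /* bounded by the check above */
    return a;
}

int main(void)
{
    char buf[8];
    /* Believed size 0: even a valid 4-byte copy into 8 bytes is rejected. */
    int rejected = model_checked_copy(buf, 0, "abcd", 4);
    struct demo_algo *a = demo_algo_new("0123456789abcdef", 16, 64);
    int ok = (rejected == -1) && a != NULL && a->key_len == 16;
    free(a);
    return ok ? 0 : 1;
}
```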