| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5085B8B0.6010500@hp.com>
Date: Mon, 22 Oct 2012 17:20:48 -0400
From: Brian Haley <brian.haley@...com>
To: Eric Dumazet <eric.dumazet@...il.com>
CC: Pavel Emelyanov <xemul@...allels.com>,
Linux Netdev List <netdev@...r.kernel.org>,
David Miller <davem@...emloft.net>
Subject: Re: [PATCH net-next] sockopt: Make SO_BINDTODEVICE readable
On 10/22/2012 04:45 PM, Eric Dumazet wrote:
> On Mon, 2012-10-22 at 14:04 -0400, Brian Haley wrote:
>
>> + char devname[IFNAMSIZ];
>> +
>> + ret = 0;
>> + if (sk->sk_bound_dev_if == 0)
>> + goto out;
>> +
>> + ret = -EINVAL;
>> + if (len < IFNAMSIZ)
>> + goto out;
>> + if (len > IFNAMSIZ)
>> + len = IFNAMSIZ;
>> +
>> + rcu_read_lock();
>> + dev = dev_get_by_index_rcu(net, sk->sk_bound_dev_if);
>> + if (dev)
>> + strcpy(dev->name, devname);
>> + rcu_read_unlock();
>> + ret = -ENODEV;
>
> You probably meant
>
> strcpy(devname, dev->name)
Yes, that was a stupid mistake, I'll fix it.
> By the way, this is not really safe in case device is renamed
It's not much different from what's there:
setsockopt("foo");
rename foo -> bar
index = getsockopt();
if_indextoname(index) -> "bar"
I more raised the issue since you pass a 'char *' to setsockopt() but an 'int *'
to getsockopt(), I don't think any other value is non-symmetrical like this.
-Brian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists