| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121207185359.GP22569@mwanda> Date: Fri, 7 Dec 2012 21:53:59 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: walter harms <wharms@....de> Cc: Stephen Hemminger <shemminger@...tta.com>, "David S. Miller" <davem@...emloft.net>, bridge@...ts.linux-foundation.org, netdev@...r.kernel.org, kernel-janitors@...r.kernel.org, Thomas Graf <tgraf@...g.ch> Subject: Re: [patch v2] bridge: make buffer larger in br_setlink() On Fri, Dec 07, 2012 at 05:07:24PM +0100, walter harms wrote: > > > Am 07.12.2012 12:10, schrieb Dan Carpenter: > > We pass IFLA_BRPORT_MAX to nla_parse_nested() so we need > > IFLA_BRPORT_MAX + 1 elements. Also Smatch complains that we read past > > the end of the array when in br_set_port_flag() when it's called with > > IFLA_BRPORT_FAST_LEAVE. > > > > > > I have no clue why nla_parse_nested() need IFLA_BRPORT_MAX elements. > but the majory of loop look like > for(i=0;i<max;++) > most programmers will think this way. > So it seems the place to fix is nla_parse_nested(). > doing not so is asking for trouble (in the long run). > At least this function needs a big warning label that (max-1) > is actually needed. > Yeah, nla_parse_nested() is actually documented already. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists