| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130414100000.3b73fa36@nehalam.linuxnetplumber.net> Date: Sun, 14 Apr 2013 10:00:00 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: Dash Four <mr.dash.four@...glemail.com> Cc: netdev@...r.kernel.org Subject: Re: [PATCH v2] iproute2: lib/utils.c bug fixes On Sun, 14 Apr 2013 15:10:54 +0100 Dash Four <mr.dash.four@...glemail.com> wrote: > This patch fixes the following 3 bugs in get_u32/get_u64 functions: > > 1. On 32-bit systems, get_u32 could not detect an overflow. > get_u32(&l, "4294967296", 10) always returned 4294967295 > (ULONG_MAX on 32-bit systems). > > 2. get_u64(&ll, "4294967295", 10) was returning an error where > it shouldn't have (4294967295 is perfectly legitimate value for > unsigned long long). > > 3. get_u64 couldn't detect an overflow errors (arg > ULLONG_MAX) > > Changelog: > > v2 - Dropped name title from Developer Certificate of Origin > > Signed-off-by: Dash Four <mr.dash.four@...glemail.com> > --- > lib/utils.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > Thanks for your patch. there were lots of related over/underflow errors in this code which have existed for a long time. I took your patch as motivation and did multiple fixes to add error checking for all the cases present. Thank you. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists