lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <1372333466-29913-1-git-send-email-dborkman@redhat.com>
Date:	Thu, 27 Jun 2013 13:44:26 +0200
From:	Daniel Borkmann <dborkman@...hat.com>
To:	davem@...emloft.net
Cc:	dan.carpenter@...cle.com, netdev@...r.kernel.org
Subject: [PATCH net-next] nlmon: fix comparison in nlmon_is_valid_mtu

This patch fixes the following warning introduced in e4fc408e0e99
("packet: nlmon: virtual netlink monitoring device for packet
sockets") reported by Dan Carpenter:

warning: "drivers/net/nlmon.c:31 nlmon_is_valid_mtu()
	 warn: always true condition '(new_mtu <= ((~0 >> 1))) =>
				      (s32min-s32max <= s32max)'"

Thus, we should simply remove the test against INT_MAX. Next to that
we also need to explicitly cast the sizeof() case as the comparison
is type promoted to unsigned long so negative values are then
valid instead of invalid. While at it, this also adds a comment about
Netlink and MTUs.

Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Daniel Borkmann <dborkman@...hat.com>
---
 Thanks again Dan! Note that this only concerns net-next, not net.

 drivers/net/nlmon.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c
index dc364be..0fad94d 100644
--- a/drivers/net/nlmon.c
+++ b/drivers/net/nlmon.c
@@ -28,7 +28,11 @@ static netdev_tx_t nlmon_xmit(struct sk_buff *skb, struct net_device *dev)
 
 static int nlmon_is_valid_mtu(int new_mtu)
 {
-	return new_mtu >= sizeof(struct nlmsghdr) && new_mtu <= INT_MAX;
+	/* Note that in netlink we do not really have an upper limit. On
+	 * default, we use NLMSG_GOODSIZE. Here at least we should make
+	 * sure that it's at least the header size.
+	 */
+	return new_mtu >= (int) sizeof(struct nlmsghdr);
 }
 
 static int nlmon_change_mtu(struct net_device *dev, int new_mtu)
-- 
1.7.11.7

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ