lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAGVrzcbYgy--jh_C6op39+DZqqkS5=Dmuu57uUGSnEr0TZ6DUw@mail.gmail.com>
Date:	Thu, 19 Dec 2013 10:08:54 -0800
From:	Florian Fainelli <f.fainelli@...il.com>
To:	netdev <netdev@...r.kernel.org>, e1000-devel@...ts.sourceforge.net,
	jeffrey.t.kirsher@...el.com,
	John Fastabend <john.r.fastabend@...el.com>
Subject: ixgbevf: suspicious skb->pkt_type check

Hi John,

In commit 815cccbf ("ixgbe: add setlink, getlink support to ixgbe and
ixgbevf") this line was added:


+               if ((skb->pkt_type & (PACKET_BROADCAST | PACKET_MULTICAST)) &&
+                   !(compare_ether_addr(adapter->netdev->dev_addr,
+                                       eth_hdr(skb)->h_source))) {

This looks suspicious to me since skb->pkt_type is not a bitmask, but
holds only one value at a time,  and with this check you would also
match any value which has the lower two bits set, so PACKET_OTHERHOST,
PACKET_LOOPBACK and PACKET_FASTROUTE are also matching the first part
of the check.
-- 
Florian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ