| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140117101835.GQ7444@mwanda>
Date: Fri, 17 Jan 2014 13:18:35 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Johannes Berg <johannes@...solutions.net>
Cc: Henrique de Moraes Holschuh <hmh@....eng.br>,
Julia Lawall <julia.lawall@...6.fr>,
kernel-janitors@...r.kernel.org,
Emmanuel Grumbach <emmanuel.grumbach@...el.com>,
Intel Linux Wireless <ilw@...ux.intel.com>,
"John W. Linville" <linville@...driver.com>,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4/11] use ether_addr_equal_64bits
We're worried about reading beyond the end of the array and it's a heap
allocation and the last char of the eth addr is the last byte of the
page. This causes an oops.
It's almost impossible to hit that bug.
1) You would have to have the eth addr at the end of the array.
2) It would have to be a packed struct.
3) The struct size would have to be a multiple of 4 because otherwise we
can't put it at the end of the page.
4) It would need to be allocated on the heap.
You add all those up which is pretty rare so I wasn't able to find
anything like that. Then you have to get extremely unlucky.
The closest thing I could find were a couple places like like:
static struct mac_addr null_mac_addr = { { 0, 0, 0, 0, 0, 0 } };
It meets criteria 1 and 2 but not 3 and 4.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists