| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 16 Mar 2014 12:50:31 +0800
From: lucien xin <lucien.xin@...il.com>
To: lucien xin <lucien.xin@...il.com>,
network dev <netdev@...r.kernel.org>,
Gao feng <gaofeng@...fujitsu.com>
Subject: Re: [PATCH] ipv6: ip6_append_data_mtu do not handle the mtu of the
second fragment properly
On Sat, Mar 15, 2014 at 11:55 PM, Hannes Frederic Sowa
<hannes@...essinduktion.org> wrote:
> On Thu, Mar 13, 2014 at 01:38:15PM +0800, lucien xin wrote:
>> On Wed, Mar 12, 2014 at 6:26 PM, Hannes Frederic Sowa
>> <hannes@...essinduktion.org> wrote:
>> > On Wed, Mar 12, 2014 at 10:40:50AM +0800, lucien xin wrote:
>> >
>> > It would be possible if we are absolutely sure if we don't call
>> > ip6_append_data_mtu a second time, which I have not yet reviewed.
>> >
>> > The line I proposed above may also suffer from this problem.
>> >
>> > Maybe you already checked that?
>> >
>> hmm... this problem do exist. when it enter "the while( length>0 ){
>> }" with skb != NULL first, the problem
>> will happen, of course, perhaps there are also other cases that
>> trigger that problem. because that code seems
>> a little mess, I hope the following change can make it more clear and
>> eliminate potential insecurity,
>> pls help to check it
>
> The diff is good, thanks!
>
okay , I'll repost it.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists