| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.2.11.1507102139530.1754@ja.home.ssi.bg> Date: Fri, 10 Jul 2015 21:57:31 +0300 (EEST) From: Julian Anastasov <ja@....bg> To: Thomas Graf <tgraf@...g.ch> cc: roopa@...ulusnetworks.com, rshearma@...cade.com, ebiederm@...ssion.com, hannes@...essinduktion.org, pshelar@...ira.com, jesse@...ira.com, davem@...emloft.net, daniel@...earbox.net, tom@...bertland.com, edumazet@...gle.com, jiri@...nulli.us, marcelo.leitner@...il.com, stephen@...workplumber.org, jpettit@...ira.com, kaber@...sh.net, netdev@...r.kernel.org, dev@...nvswitch.org Subject: Re: [RFC net-next 11/22] dst: Metadata destinations Hello, On Fri, 10 Jul 2015, Thomas Graf wrote: > --- a/net/ipv4/route.c > +++ b/net/ipv4/route.c > @@ -1691,6 +1691,8 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, > by fib_lookup. > */ > > + skb_dst_drop(skb); > + This is not very safe. There are places that call ip_route_input() for temporary lookups and they do not set NULL. For example, icmp_route_lookup(), may be there are other such places... OTOH, ip_options_rcv_srr() looks correct to use skb_dst_set(skb, NULL), may be such call should be added if it is missing... > if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) > goto martian_source; Regards -- Julian Anastasov <ja@....bg> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists