| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <566B5358.4060200@cumulusnetworks.com>
Date: Fri, 11 Dec 2015 14:51:04 -0800
From: roopa <roopa@...ulusnetworks.com>
To: Robert Shearman <rshearma@...cade.com>
CC: ebiederm@...ssion.com, davem@...emloft.net, netdev@...r.kernel.org,
sam.h.russell@...il.com
Subject: Re: [PATCH net 1/4] mpls: validate L2 via address length
On 12/10/15, 11:30 AM, Robert Shearman wrote:
> If an L2 via address for an mpls nexthop is specified, the length of
> the L2 address must match that expected by the output device,
> otherwise it could access memory beyond the end of the via address
> buffer in the route.
>
> This check was present prior to commit f8efb73c97e2 ("mpls: multipath
> route support"), but got lost in the refactoring, so add it back,
> applying it to all nexthops in multipath routes.
>
> Fixes: f8efb73c97e2 ("mpls: multipath route support")
> Signed-off-by: Robert Shearman <rshearma@...cade.com>
> ---
> net/mpls/af_mpls.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
> index c70d750148b6..3be29cb1f658 100644
> --- a/net/mpls/af_mpls.c
> +++ b/net/mpls/af_mpls.c
> @@ -534,6 +534,10 @@ static int mpls_nh_assign_dev(struct net *net, struct mpls_route *rt,
> if (!mpls_dev_get(dev))
> goto errout;
>
> + if ((nh->nh_via_table == NEIGH_LINK_TABLE) &&
> + (dev->addr_len != nh->nh_via_alen))
> + goto errout;
> +
>
Robert, seems like the right place for this check is nla_get_via ?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists