lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 12 Feb 2016 13:25:15 +0000
From:	Rainer Weikusat <>
To:	Philipp Hahn <>
Cc:	Ben Hutchings <>,
	Hannes Frederic Sowa <>,
	Sasha Levin <>,
	"David S. Miller" <>,, Karolin Seeger <>,
	Jason Baron <>,
	Greg Kroah-Hartman <>,
	Arvid Requate <>,
	Stefan Gohmann <>,
Subject: Re: [PATCH net] af_unix: Guard against other == sk in unix_dgram_sendmsg

Philipp Hahn <> writes:

> Hello Rainer,
> Am 11.02.2016 um 20:37 schrieb Rainer Weikusat:
>> The unix_dgram_sendmsg routine use the following test
>> if (unlikely(unix_peer(other) != sk && unix_recvq_full(other))) {


>> This isn't correct as the> specified address could have been bound to
>> the sending socket itself


> After applying that patch at least my machine running the samba test no
> longer crashes.

There's a possible gotcha in there: Send-to-self used to be limited by
the queue limit. But the rationale for that (IIRC) was that someone
could keep using newly created sockets to queue ever more data to a
single, unrelated receiver. I don't think this should apply when
receiving and sending sockets are identical. But that's just my
opinion. The other option would be to avoid the unix_state_double_lock
for sk == other. I'd be willing to change this accordingly if someone
thinks the queue limit should apply to send-to-self.

Powered by blists - more mailing lists