| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALx6S35pfPWTNV9w_k7tpykEyM0=PBzgsh5vtNztWxv1Gz+LJA@mail.gmail.com> Date: Wed, 24 Feb 2016 10:14:49 -0800 From: Tom Herbert <tom@...bertland.com> To: Alexander Duyck <aduyck@...antis.com> Cc: Linux Kernel Network Developers <netdev@...r.kernel.org>, "David S. Miller" <davem@...emloft.net>, Alexander Duyck <alexander.duyck@...il.com> Subject: Re: [net-next PATCH 3/5] flow_dissector: Correctly handle parsing FCoE On Wed, Feb 24, 2016 at 9:29 AM, Alexander Duyck <aduyck@...antis.com> wrote: > The flow dissector bits handling FCoE didn't bother to actually validate > that the space there was enough for the FCoE header. So we need to update > things so that if there is room we add the header and report a good result, > otherwise we do not add the header, and report the bad result. > > Signed-off-by: Alexander Duyck <aduyck@...antis.com> Acked-by: Tom Herbert <tom@...bertland.com> > --- > net/core/flow_dissector.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c > index 8bd745f72734..6288153d7f36 100644 > --- a/net/core/flow_dissector.c > +++ b/net/core/flow_dissector.c > @@ -340,8 +340,11 @@ mpls: > } > > case htons(ETH_P_FCOE): > - key_control->thoff = (u16)(nhoff + FCOE_HEADER_LEN); > - /* fall through */ > + if ((hlen - nhoff) < FCOE_HEADER_LEN) > + goto out_bad; > + > + nhoff += FCOE_HEADER_LEN; > + goto out_good; > default: > goto out_bad; > } >
Powered by blists - more mailing lists