| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170821171546.GA15994@orbyte.nwl.cc>
Date: Mon, 21 Aug 2017 19:15:47 +0200
From: Phil Sutter <phil@....cc>
To: David Laight <David.Laight@...LAB.COM>
Cc: Stephen Hemminger <stephen@...workplumber.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: [iproute PATCH v3 4/5] tc/tc_filter: Make sure filter name is
not empty
On Mon, Aug 21, 2017 at 02:53:46PM +0000, David Laight wrote:
> From: Phil Sutter
> > Sent: 21 August 2017 11:03
> > To: Stephen Hemminger
> > Cc: netdev@...r.kernel.org
> > Subject: [iproute PATCH v3 4/5] tc/tc_filter: Make sure filter name is not empty
> >
> > The later check for 'k[0] != 0' requires a non-empty filter name,
> > otherwise NULL pointer dereference in 'q' might happen.
> >
> > Signed-off-by: Phil Sutter <phil@....cc>
> > ---
> > Changes since v2:
> > - Instead of calling strlen(), just make sure **argv is not 0.
> > ---
> > tc/tc_filter.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/tc/tc_filter.c b/tc/tc_filter.c
> > index b13fb9185d4fd..cf290ae8e252c 100644
> > --- a/tc/tc_filter.c
> > +++ b/tc/tc_filter.c
> > @@ -412,6 +412,9 @@ static int tc_filter_get(int cmd, unsigned int flags, int argc, char **argv)
> > usage();
> > return 0;
> > } else {
> > + if (!**argv)
> > + invarg("invalid filter name", *argv);
> > +
>
> The error message won't make sense...
Hmm. It would print:
| Error: argument "" is wrong: invalid filter name
Since this parameter is not introduced by a previous one, I don't think
the error message could be made more precise. Do you have a better
suggestion?
Thanks, Phil
Powered by blists - more mailing lists