| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171127214127.GA12922@embeddedor.com>
Date: Mon, 27 Nov 2017 15:41:27 -0600
From: "Gustavo A. R. Silva" <garsilva@...eddedor.com>
To: David Howells <dhowells@...hat.com>,
"David S. Miller" <davem@...emloft.net>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
"Gustavo A. R. Silva" <garsilva@...eddedor.com>
Subject: [PATCH v2] rxrpc: sendmsg: Fix variable overwrite in
rxrpc_queue_packet
Value assigned to variable resend_at is overwritten before it can be used.
The correct fix here is to add _now_ to the previously computed value in
resend_at.
Addresses-Coverity-ID: 1462262
Fixes: beb8e5e4f38c ("rxrpc: Express protocol timeouts in terms of RTT")
Link: https://marc.info/?i=17004.1511808959%40warthog.procyon.org.uk
Signed-off-by: Gustavo A. R. Silva <garsilva@...eddedor.com>
---
Changes in v2:
Update value in resend_at instead of removing the code.
net/rxrpc/sendmsg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/rxrpc/sendmsg.c b/net/rxrpc/sendmsg.c
index a1c53ac..09f2a3e 100644
--- a/net/rxrpc/sendmsg.c
+++ b/net/rxrpc/sendmsg.c
@@ -233,7 +233,7 @@ static void rxrpc_queue_packet(struct rxrpc_sock *rx, struct rxrpc_call *call,
if (resend_at < 1)
resend_at = 1;
- resend_at = now + rxrpc_resend_timeout;
+ resend_at += now;
WRITE_ONCE(call->resend_at, resend_at);
rxrpc_reduce_call_timer(call, resend_at, now,
rxrpc_timer_set_for_send);
--
2.7.4
Powered by blists - more mailing lists