| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180713151541.m6ksulnjb6qsh24w@mwanda>
Date: Fri, 13 Jul 2018 18:15:41 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Colin Ian King <colin.king@...onical.com>
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>, netdev@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH 1/2] samples: bpf: ensure that we don't load over
MAX_PROGS programs
On Fri, Jul 13, 2018 at 04:13:30PM +0100, Colin Ian King wrote:
> On 13/07/18 16:11, Dan Carpenter wrote:
> > I can't see that we check prog_cnt to ensure it doesn't go over
> > MAX_PROGS.
> >
> > Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
> >
> > diff --git a/samples/bpf/bpf_load.c b/samples/bpf/bpf_load.c
> > index 89161c9ed466..904e775d1a44 100644
> > --- a/samples/bpf/bpf_load.c
> > +++ b/samples/bpf/bpf_load.c
> > @@ -107,6 +107,9 @@ static int load_and_attach(const char *event, struct bpf_insn *prog, int size)
> > return -1;
> > }
> >
> > + if (prog_cnt == MAX_PROGS)
> > + return -1;
> > +
>
> Should that be "if (prog_cnt >= MAX_PROGS)" ?
It's incremented one at a time so it can't go over.
regards,
dan carpenter
Powered by blists - more mailing lists