lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 1 Nov 2018 16:42:35 +0300
From:   Alexey Kodanev <alexey.kodanev@...cle.com>
To:     David Ahern <dsahern@...il.com>, netdev@...r.kernel.org
Cc:     David Miller <davem@...emloft.net>
Subject: Re: [PATCH net] rtnetlink: invoke 'cb->done' destructor before
 'cb->args' reset

On 11/01/2018 04:11 PM, Alexey Kodanev wrote:
> On 10/31/2018 08:35 PM, David Ahern wrote:
>> On 10/31/18 10:55 AM, David Ahern wrote:
>>> I think the simplest fix for 4.20 is to break the loop if ret is non-0 -
>>> restore the previous behavior. 
>>
>> that is the only recourse. It has to bail if ret is non-0. Do you want
>> to send a patch with that fix?
>>
> 
> I see, and inet6_dump_fib() cleanups fib6_walker if ret is zero. Will send the fix.

Can it happen that inet6_dump_fib() returns skb->len (0) in the below cases?

* 	if (arg.filter.flags & RTM_F_CLONED)
		return skb->len;

        ...

	w = (void *)cb->args[2];
	if (!w) {
		...
		w = kzalloc(...)
                ...

* 	if (arg.filter.table_id) {
                ...
		if (!tb) {
			if (arg.filter.dump_all_families)
				return skb->len;


Would it be safer to add "res = skb->len; goto out;" instead of "return skb->len;"
so that it can call fib6_dump_end() for "res <= 0"? Or use cb->data instead of
cb->args?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ