| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3cb9f28c-534f-701a-19bf-63ebadac303f@huawei.com>
Date: Sat, 29 Dec 2018 14:46:50 +0800
From: YueHaibing <yuehaibing@...wei.com>
To: David Miller <davem@...emloft.net>
CC: <kuznet@....inr.ac.ru>, <yoshfuji@...ux-ipv6.org>,
<linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>
Subject: Re: [PATCH] ipv4: fib_rules: Fix possible infinite loop in
fib_empty_table
On 2018/12/29 13:15, David Miller wrote:
> From: YueHaibing <yuehaibing@...wei.com>
> Date: Wed, 26 Dec 2018 16:34:20 +0800
>
>> diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c
>> index f8eb78d..1567e12 100644
>> --- a/net/ipv4/fib_rules.c
>> +++ b/net/ipv4/fib_rules.c
>> @@ -200,9 +200,13 @@ static struct fib_table *fib_empty_table(struct net *net)
>> {
>> u32 id;
>>
>> - for (id = 1; id <= RT_TABLE_MAX; id++)
>> + for (id = 1; id <= RT_TABLE_MAX; id++) {
>> if (!fib_get_table(net, id))
>> return fib_new_table(net, id);
>> +
>> + if (id == RT_TABLE_MAX)
>> + break;
>> + }
>> return NULL;
>> }
>
> The loop now has two exit conditions, one of which (by your analysis
> is completely impossible).
>
Thanks, will do it in v2.
> Please clean this up into a loop with better structure and no
> impossible tests. One approach could be simply:
>
> id = 1;
> while (1) {
> ...
> if (id++ == RT_TABLE_MAX)
> break;
> }
>
> Or even:
>
> id = 0;
> while (++id) {
> ...
> }
>
> .
>
Powered by blists - more mailing lists