| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Mar 2019 10:29:37 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: linmiaohe@...wei.com
Cc: kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
mingfangsen@...wei.com
Subject: Re: [PATCH net] net: sit: fix UBSAN Undefined behaviour in
check_6rd
From: linmiaohe <linmiaohe@...wei.com>
Date: Mon, 11 Mar 2019 16:29:32 +0800
> @@ -778,8 +778,9 @@ static bool check_6rd(struct ip_tunnel *tunnel, const struct in6_addr *v6dst,
> pbw0 = tunnel->ip6rd.prefixlen >> 5;
> pbi0 = tunnel->ip6rd.prefixlen & 0x1f;
>
> - d = (ntohl(v6dst->s6_addr32[pbw0]) << pbi0) >>
> - tunnel->ip6rd.relay_prefixlen;
> + d = tunnel->ip6rd.relay_prefixlen < 32 ?
> + (ntohl(v6dst->s6_addr32[pbw0]) << pbi0) >>
> + tunnel->ip6rd.relay_prefixlen : 0;
>
I hate the fact that we have to guard against something which the rest
of the code makes sure NEVER EVER happens.
Every assignment of ->relay_prefixlen is guarded by a check against 32.
I don't like this at all, and I have to put my foot down somehow.
So I'm not applying this, sorry.
Powered by blists - more mailing lists