lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 12:58:58 -0700 From: Stanislav Fomichev <sdf@...gle.com> To: netdev@...r.kernel.org, bpf@...r.kernel.org Cc: davem@...emloft.net, ast@...nel.org, daniel@...earbox.net, simon.horman@...ronome.com, willemb@...gle.com, peterpenkov96@...il.com, Stanislav Fomichev <sdf@...gle.com> Subject: [RFC bpf-next v3 3/8] flow_dissector: fix clamping of BPF flow_keys for non-zero nhoff Don't allow BPF program to set flow_keys->nhoff to less than initial value. We currently don't read the value afterwards in anything but the tests, but it's still a good practice to return consistent values to the test programs. Signed-off-by: Stanislav Fomichev <sdf@...gle.com> --- net/core/flow_dissector.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index 0dac3382e841..3b35fc35f583 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -716,7 +716,7 @@ bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, result = BPF_PROG_RUN(prog, ctx); - flow_keys->nhoff = clamp_t(u16, flow_keys->nhoff, 0, hlen); + flow_keys->nhoff = clamp_t(u16, flow_keys->nhoff, nhoff, hlen); flow_keys->thoff = clamp_t(u16, flow_keys->thoff, flow_keys->nhoff, hlen); -- 2.21.0.392.gf8f6787159e-goog
Powered by blists - more mailing lists