lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Apr 2019 09:19:53 -0700 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> Cc: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, "David S. Miller" <davem@...emloft.net>, Network Development <netdev@...r.kernel.org>, Andrey Ignatov <rdna@...com> Subject: Re: [PATCH 8/9] bpf: Check address length before reading address family On Fri, Apr 12, 2019 at 3:56 AM Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> wrote: > > KMSAN will complain if valid address length passed to bpf_bind() is > shorter than sizeof("struct sockaddr"->sa_family) bytes. > > Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp> > --- > net/core/filter.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/net/core/filter.c b/net/core/filter.c > index 41f633cf4fc1..b9089fda4367 100644 > --- a/net/core/filter.c > +++ b/net/core/filter.c > @@ -4458,6 +4458,8 @@ BPF_CALL_3(bpf_bind, struct bpf_sock_addr_kern *, ctx, struct sockaddr *, addr, > * Only binding to IP is supported. > */ > err = -EINVAL; > + if (addr_len < offsetofend(struct sockaddr, sa_family)) > + return err; the verifier will check that addr_len is not zero, but it can be one byte, so it's a good check. Thanks! > if (addr->sa_family == AF_INET) { > if (addr_len < sizeof(struct sockaddr_in)) > return err; > -- > 2.16.5 >
Powered by blists - more mailing lists