| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Jan 2020 15:20:39 -0800
From: John Fastabend <john.fastabend@...il.com>
To: John Fastabend <john.fastabend@...il.com>,
Song Liu <song@...nel.org>,
John Fastabend <john.fastabend@...il.com>
Cc: bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>
Subject: Re: [bpf PATCH 8/9] bpf: sockmap/tls, tls_push_record can not handle
zero length skmsg
John Fastabend wrote:
> Song Liu wrote:
> > On Wed, Jan 8, 2020 at 1:17 PM John Fastabend <john.fastabend@...il.com> wrote:
> > >
> > > When passed a zero length skmsg tls_push_record() causes a NULL ptr
> > > deref. To resolve for fixes do a simple length check at start of
> > > routine.
> >
> > Could you please include the stack dump for the NULL deref?
> >
> > Thanks,
> > Song
>
> Sure I'll send a v2 with the stack dump.
Hi Song, I'm having a bit of trouble reproducing this now. I'm going to
drop this patch from the series for now and see if something changed in
crypto layers or elsewhere. I originally saw this on a bit older kernel
so something might changed. Feels a bit like a work-around anyways so
I'll dig into it a bit more.
Either way I'll try and understand this a bit better. Thanks for the
question.
Powered by blists - more mailing lists