lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 22 Apr 2020 12:12:27 +0200
From:   Paolo Abeni <pabeni@...hat.com>
To:     Bo YU <tsu.yubo@...il.com>, matthieu.baerts@...sares.net,
        davem@...emloft.net, kuba@...nel.org,
        mathew.j.martineau@...ux.intel.com
Cc:     netdev@...r.kernel.org, mptcp@...ts.01.org
Subject: Re: [PATCH V2 -next] mptcp/pm_netlink.c : add check for
 nla_put_in/6_addr

On Wed, 2020-04-22 at 09:34 +0800, Bo YU wrote:
> Normal there should be checked for nla_put_in6_addr like other
> usage in net.
> 
> Detected by CoverityScan, CID# 1461639
> 
> Fixes: 01cacb00b35c("mptcp: add netlink-based PM")
> Signed-off-by: Bo YU <tsu.yubo@...il.com>
> ---
> V2: Add check for nla_put_in_addr suggested by Paolo Abeni

Thank you for addressing my feedback!

> ---
>  net/mptcp/pm_netlink.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> index 86d61ab34c7c..0a39f0ebad76 100644
> --- a/net/mptcp/pm_netlink.c
> +++ b/net/mptcp/pm_netlink.c
> @@ -599,12 +599,15 @@ static int mptcp_nl_fill_addr(struct sk_buff *skb,
>  	    nla_put_s32(skb, MPTCP_PM_ADDR_ATTR_IF_IDX, entry->ifindex))
>  		goto nla_put_failure;
> 
> -	if (addr->family == AF_INET)
> +	if (addr->family == AF_INET &&
>  		nla_put_in_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR4,
> -				addr->addr.s_addr);
> +				addr->addr.s_addr))
> +		goto nla_put_failure;
> +

I'm very sorry about the nit-picking, but the above is now a single
statement, and indentation should be adjusted accordingly:
'nla_put_in_addr()' should be aligned with 'addr->family'.

The same applies to the chunk below.

>  #if IS_ENABLED(CONFIG_MPTCP_IPV6)
> -	else if (addr->family == AF_INET6)
> -		nla_put_in6_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR6, &addr->addr6);
> +	else if (addr->family == AF_INET6 &&
> +		nla_put_in6_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR6, &addr->addr6))
> +		goto nla_put_failure;
>  #endif
>  	nla_nest_end(skb, attr);
>  	return 0;

Otherwise LGTM, thanks!

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ