lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8546038508824f0a440f40bb9eef7ede61d223bb.camel@redhat.com>
Date:   Thu, 23 Apr 2020 10:34:54 +0200
From:   Paolo Abeni <pabeni@...hat.com>
To:     Bo YU <tsu.yubo@...il.com>, matthieu.baerts@...sares.net,
        davem@...emloft.net, kuba@...nel.org,
        mathew.j.martineau@...ux.intel.com
Cc:     netdev@...r.kernel.org, mptcp@...ts.01.org
Subject: Re: [PATCH V3 -next] mptcp/pm_netlink.c : add check for
 nla_put_in/6_addr

On Thu, 2020-04-23 at 10:10 +0800, Bo YU wrote:
> Normal there should be checked for nla_put_in6_addr like other
> usage in net.
> 
> Detected by CoverityScan, CID# 1461639
> 
> Fixes: 01cacb00b35c("mptcp: add netlink-based PM")
> Signed-off-by: Bo YU <tsu.yubo@...il.com>
> ---
> V3: fix code style, thanks for Paolo
> 
> V2: Add check for nla_put_in_addr suggested by Paolo Abeni
> ---
>  net/mptcp/pm_netlink.c | 12 +++++++-----
>  1 file changed, 7 insertions(+), 5 deletions(-)
> 
> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> index 86d61ab34c7c..b78edf237ba0 100644
> --- a/net/mptcp/pm_netlink.c
> +++ b/net/mptcp/pm_netlink.c
> @@ -599,12 +599,14 @@ static int mptcp_nl_fill_addr(struct sk_buff *skb,
>  	    nla_put_s32(skb, MPTCP_PM_ADDR_ATTR_IF_IDX, entry->ifindex))
>  		goto nla_put_failure;
> 
> -	if (addr->family == AF_INET)
> -		nla_put_in_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR4,
> -				addr->addr.s_addr);
> +	if (addr->family == AF_INET &&
> +	    nla_put_in_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR4,
> +			    addr->addr.s_addr))
> +		goto nla_put_failure;
>  #if IS_ENABLED(CONFIG_MPTCP_IPV6)
> -	else if (addr->family == AF_INET6)
> -		nla_put_in6_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR6, &addr->addr6);
> +	else if (addr->family == AF_INET6 &&
> +		 nla_put_in6_addr(skb, MPTCP_PM_ADDR_ATTR_ADDR6, &addr->addr6))
> +		goto nla_put_failure;
>  #endif
>  	nla_nest_end(skb, attr);
>  	return 0;
> --
> 2.11.0

Thanks for addressing my feedback!

Acked-by: Paolo Abeni <pabeni@...hat.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ