| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200427061055.4058-1-jiri@resnulli.us>
Date: Mon, 27 Apr 2020 08:10:55 +0200
From: Jiri Pirko <jiri@...nulli.us>
To: netdev@...r.kernel.org
Cc: stephen@...workplumber.org, dsahern@...il.com,
alexanderk@...lanox.com, mlxsw@...lanox.com
Subject: [patch iproute2] tc: m_action: check cookie hex string len
From: Jiri Pirko <jiri@...lanox.com>
Check the cookie hex string len is dividable by 2 as the valid hex
string always should be.
Reported-by: Alex Kushnarov <alexanderk@...lanox.com>
Signed-off-by: Jiri Pirko <jiri@...lanox.com>
---
tc/m_action.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tc/m_action.c b/tc/m_action.c
index 108329db29d0..b41782de9a02 100644
--- a/tc/m_action.c
+++ b/tc/m_action.c
@@ -291,7 +291,8 @@ done0:
invarg(cookie_err_m, *argv);
}
- if (hex2mem(*argv, act_ck, slen / 2) < 0)
+ if (slen % 2 ||
+ hex2mem(*argv, act_ck, slen / 2) < 0)
invarg("cookie must be a hex string\n",
*argv);
--
2.21.1
Powered by blists - more mailing lists