lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 29 Apr 2020 21:21:15 +0200
From:   Johannes Berg <johannes@...solutions.net>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     netdev@...r.kernel.org, Antonio Quartulli <ordex@...istici.org>,
        linux-wireless@...r.kernel.org
Subject: Re: [PATCH 4/7] netlink: extend policy range validation

On Wed, 2020-04-29 at 11:10 -0700, Jakub Kicinski wrote:

> > +static int nla_validate_int_range_unsigned(const struct nla_policy *pt,
> > +					   const struct nlattr *nla,
> > +					   struct netlink_ext_ack *extack)
> >  {
> > -	bool validate_min, validate_max;
> > -	s64 value;
> > +	struct netlink_range_validation _range = {
> > +		.min = 0,
> > +		.max = U64_MAX,
> > +	}, *range = &_range;
> > +	u64 value;
> >  
> > -	validate_min = pt->validation_type == NLA_VALIDATE_RANGE ||
> > -		       pt->validation_type == NLA_VALIDATE_MIN;
> > -	validate_max = pt->validation_type == NLA_VALIDATE_RANGE ||
> > -		       pt->validation_type == NLA_VALIDATE_MAX;
> > +	WARN_ON_ONCE(pt->min < 0 || pt->max < 0);
> 
> I'm probably missing something, but in case of NLA_VALIDATE_RANGE_PTR
> aren't min and max invalid (union has the range pointer set, so this
> will read 2 bytes of the pointer).

No, you're right of course. It's reading 4 bytes, actually, they're both
s16. Which I did because that's the maximum range that doesn't increase
the size on 32-bit.

I could move it into the switch, but, hm.. the unused ones (min/max if
only one is used) should be 0, so I guess just

	WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
                     (pt->min < 0 || pt->max < 0));

will be fine.

Thanks!

johannes


Powered by blists - more mailing lists