lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20200728.173341.1412402860749304096.davem@davemloft.net>
Date:   Tue, 28 Jul 2020 17:33:41 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     bkkarthik@...u.pes.edu
Cc:     herbert@...dor.apana.org.au, kuznet@....inr.ac.ru,
        yoshfuji@...ux-ipv6.org, kuba@...nel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, gregkh@...uxfoundation.org,
        skhan@...uxfounation.org
Subject: Re: [PATCH] net: ipv6: fix slab-out-of-bounds Read in
 __xfrm6_tunnel_spi_check

From: B K Karthik <bkkarthik@...u.pes.edu>
Date: Sat, 25 Jul 2020 19:00:31 +0530

> use spi_byaddr instead of spi_byspi
 ...
> diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c
> index 25b7ebda2fab..cab7693ccfe3 100644
> --- a/net/ipv6/xfrm6_tunnel.c
> +++ b/net/ipv6/xfrm6_tunnel.c
> @@ -103,10 +103,10 @@ static int __xfrm6_tunnel_spi_check(struct net *net, u32 spi)
>  {
>  	struct xfrm6_tunnel_net *xfrm6_tn = xfrm6_tunnel_pernet(net);
>  	struct xfrm6_tunnel_spi *x6spi;
> -	int index = xfrm6_tunnel_spi_hash_byspi(spi);
> +	int index = xfrm6_tunnel_spi_hash_byaddr(spi);

You are passing a u32 integer into a function that expects a pointer as an
argument.

This change isn't even compile tested properly, let alone run tested.

Please stop making such careless submissions, this takes up valuable
developer patch review resources.

Thank you.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ