| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <dc7d16bce9114bce8292ad07835fc083@AcuMS.aculab.com>
Date: Mon, 31 May 2021 10:13:07 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'David Ahern' <dsahern@...il.com>, Xin Long <lucien.xin@...il.com>,
"Jakub Kicinski" <kuba@...nel.org>
CC: network dev <netdev@...r.kernel.org>, davem <davem@...emloft.net>,
"Eric Dumazet" <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>
Subject: RE: [PATCH net] udp: fix the len check in udp_lib_getsockopt
From: David Ahern
> Sent: 29 May 2021 02:58
>
> On 5/28/21 7:47 PM, Xin Long wrote:
> > The partial byte(or even 0) of the value returned due to passing a wrong
> > optlen should be considered as an error. "On error, -1 is returned, and
> > errno is set appropriately.". Success returned in that case only confuses
> > the user.
>
> It is feasible that some app could use bool or u8 for options that have
> 0 or 1 values and that code has so far worked. This change would break that.
Especially since the code is also likely to ignore the return
value since the call isn't excepted to actually fail!
Most (but not all) ABI have 'bool' defined the same as 'u32'.
However there will be code that uses 'char' (especially for
setsockopt) and expects it to work.
(And it probably always has done on LE systems.)
A certain other common OS defines the argument as either BOOL
or DWORD - both of which are 32bit.
But I believe it works fine if 'char' is used.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists