lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <393ec81c-52b4-842b-1ecd-4ffc29743665@suse.com>
Date:   Mon, 14 Feb 2022 20:30:02 +0100
From:   Oliver Neukum <oneukum@...e.com>
To:     Bjørn Mork <bjorn@...k.no>,
        Alan Stern <stern@...land.harvard.edu>
CC:     Hans Petter Selasky <hps@...asky.org>,
        Oliver Neukum <oneukum@...e.com>, linux-usb@...r.kernel.org,
        netdev@...r.kernel.org
Subject: Re: [RFC] CDC-NCM: avoid overflow in sanity checking


On 11.02.22 08:17, Bjørn Mork wrote:
> Alan Stern <stern@...land.harvard.edu> writes:
>
>
> Only  is that the existing code wants the inverted result:
>
>  	if (offset > skb_in->len || len > skb_in->len - offset) ...
>
> with all values unsigned.

Its logic is

if (!sane(fragment))
    continue;
process(fragment);

rather than

if (sane(fragment))
    process(fragment);

A simple matter of inversion.

> And there you point out my problem:  discipline :-)
>
Do we still agree that unsigned integers are the better option?

    Regards
        Oliver

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ