| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKH8qBuPws+aYA-+sbqA2-NEPXNjmmHVGfU99Xb1LD7LomAa3A@mail.gmail.com>
Date: Tue, 1 Mar 2022 08:38:22 -0800
From: Stanislav Fomichev <sdf@...gle.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: netdev@...r.kernel.org, bpf@...r.kernel.org, ast@...nel.org,
andrii@...nel.org, Lorenzo Bianconi <lorenzo@...nel.org>
Subject: Re: [PATCH bpf-next] bpf: test_run: Fix overflow in xdp frags bpf_test_finish
On Tue, Mar 1, 2022 at 8:33 AM Daniel Borkmann <daniel@...earbox.net> wrote:
>
> On 3/1/22 12:23 AM, Stanislav Fomichev wrote:
> > Syzkaller reports another issue:
> > WARNING: CPU: 0 PID: 10775 at include/linux/thread_info.h:230
> > check_copy_size include/linux/thread_info.h:230 [inline]
> > WARNING: CPU: 0 PID: 10775 at include/linux/thread_info.h:230
> > copy_to_user include/linux/uaccess.h:199 [inline]
> > WARNING: CPU: 0 PID: 10775 at include/linux/thread_info.h:230
> > bpf_test_finish.isra.0+0x4b2/0x680 net/bpf/test_run.c:171
> >
> > This can happen when the userspace buffer is smaller than head+frags.
> > Return ENOSPC in this case.
> >
> > Fixes: 7855e0db150a ("bpf: test_run: add xdp_shared_info pointer in bpf_test_finish signature")
> > Cc: Lorenzo Bianconi <lorenzo@...nel.org>
> > Signed-off-by: Stanislav Fomichev <sdf@...gle.com>
>
> Do we have a Reported-by tag for syzkaller so it can match against its report?
Oops, sorry, totally forgot:
Reported-by: syzbot+5f81df6205ecbbc56ab5@...kaller.appspotmail.com
Powered by blists - more mailing lists