lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 24 Jul 2023 20:59:53 -0700
From: Joe Perches <joe@...ches.com>
To: Jakub Kicinski <kuba@...nel.org>, Lin Ma <linma@....edu.cn>
Cc: jhs@...atatu.com, xiyou.wangcong@...il.com, jiri@...nulli.us, 
	davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com, 
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net/sched: mqprio: Add length check for
 TCA_MQPRIO_{MAX/MIN}_RATE64

On Mon, 2023-07-24 at 17:56 -0700, Jakub Kicinski wrote:
> On Tue, 25 Jul 2023 08:15:39 +0800 (GMT+08:00) Lin Ma wrote:
> > > > The nla_for_each_nested parsing in function mqprio_parse_nlattr() does
> > > > not check the length of the nested attribute. This can lead to an
> > > > out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
> > > > be viewed as 8 byte integer and passed to priv->max_rate/min_rate.
> > > > 
> > > > This patch adds the check based on nla_len() when check the nla_type(),
> > > > which ensures that the length of these two attribute must equals
> > > > sizeof(u64).  
> > > 
> > > How do you run get_maintainer? You didn't CC the author of the code.  
> > 
> > That's weird, I just ran code below and send this patch to all 9 emails poped out.
> > 
> > # ./scripts/get_maintainer.pl net/sched/sch_mqprio.c
> 
> Joe, here's another case.

What do you think the "case" is here?

Do you think John Fastabend, who hasn't touched the file in 7+ years
should be cc'd?  Why?

> Lin Ma, you need to run the script on the file generated by 
> git format-patch, rather than the file path. That gives better
> coverage for keywords included in the commit message (especially 
> the Fixes tag). Please rerun it on the patch and repost with 
> the right CC list.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ