lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202309291123.FAE665CC7@keescook> Date: Fri, 29 Sep 2023 11:24:56 -0700 From: Kees Cook <keescook@...omium.org> To: "Gustavo A. R. Silva" <gustavoars@...nel.org> Cc: Jamal Hadi Salim <jhs@...atatu.com>, Jakub Kicinski <kuba@...nel.org>, Cong Wang <xiyou.wangcong@...il.com>, Jiri Pirko <jiri@...nulli.us>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH][next] net: sched: cls_u32: Fix allocation in u32_init() On Mon, Aug 21, 2023 at 11:48:02AM -0700, Jakub Kicinski wrote: > On Mon, 21 Aug 2023 10:35:29 -0400 Jamal Hadi Salim wrote: > > > Sure, but why are you doing this? And how do you know the change is > > > correct? > > > > > > There are 2 other instances where we allocate 1 entry or +1 entry. > > > Are they not all wrong? > > > > > > Also some walking code seems to walk <= divisor, divisor IIUC being > > > the array bound - 1? > > > > > > Jamal acked so changes are this is right, but I'd really like to > > > understand what's going on, and I shouldn't have to ask you all > > > these questions :S > > > > This is a "bug fix" given that the structure had no zero array > > construct as was implied by d61491a51f7e . I didnt want to call it out > > as a bug fix (for -net) because existing code was not harmful but > > allocated extra memory which this patch gives back. > > The other instances have a legit need for "flexible array". > > Based on the link provided it seems like the Fixes comes in because > someone reported compilation issues. But from the thread it seems > like the problem only appears when sizeof_struct() is modified. > In which case - you're right, Fixes and Reported-by tags should go. Gustavo, can you please respin this with an updated commit log and adjusted tags for netdev to pick up? -- Kees Cook
Powered by blists - more mailing lists