| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1137d26fb5fc1ca7070f8012ec588116a29a1c8a.camel@redhat.com> Date: Thu, 18 Jan 2024 13:19:39 +0100 From: Paolo Abeni <pabeni@...hat.com> To: Lin Ma <linma@....edu.cn>, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH net-next v1] vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING On Wed, 2024-01-17 at 23:38 +0800, Lin Ma wrote: > In the vlan_changelink function, a loop is used to parse the nested > attributes IFLA_VLAN_EGRESS_QOS and IFLA_VLAN_INGRESS_QOS in order to > obtain the struct ifla_vlan_qos_mapping. These two nested attributes are > checked in the vlan_validate_qos_map function, which calls > nla_validate_nested_deprecated with the vlan_map_policy. > > However, this deprecated validator applies a LIBERAL strictness, allowing > the presence of an attribute with the type IFLA_VLAN_QOS_UNSPEC. > Consequently, the loop in vlan_changelink may parse an attribute of type > IFLA_VLAN_QOS_UNSPEC and believe it carries a payload of > struct ifla_vlan_qos_mapping, which is not necessarily true. > > To address this issue and ensure compatibility, this patch introduces two > type checks that skip attributes whose type is not IFLA_VLAN_QOS_MAPPING. > > Signed-off-by: Lin Ma <linma@....edu.cn> Why are you targeting net-next? this looks like a fix suitable for 'net' - with a proper fixes tag. Cheers, Paolo
Powered by blists - more mailing lists