| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jun 2024 14:32:29 -0700
From: Kuniyuki Iwashima <kuniyu@...zon.com>
To: <xiyou.wangcong@...il.com>
CC: <bpf@...r.kernel.org>, <cong.wang@...edance.com>, <fw@...len.de>,
<netdev@...r.kernel.org>,
<syzbot+0c4150bff9fff3bf023c@...kaller.appspotmail.com>, <kuniyu@...zon.com>
Subject: Re: [Patch net] net: remove the bogus overflow debug check in pskb_may_pull()
From: Cong Wang <xiyou.wangcong@...il.com>
Date: Fri, 7 Jun 2024 09:14:04 -0700
> On Fri, Jun 07, 2024 at 01:27:47AM +0200, Florian Westphal wrote:
> > Cong Wang <xiyou.wangcong@...il.com> wrote:
> > > From: Cong Wang <cong.wang@...edance.com>
> > >
> > > Commit 219eee9c0d16 ("net: skbuff: add overflow debug check to pull/push
> > > helpers") introduced an overflow debug check for pull/push helpers.
> > > For __skb_pull() this makes sense because its callers rarely check its
> > > return value. But for pskb_may_pull() it does not make sense, since its
> > > return value is properly taken care of. Remove the one in
> > > pskb_may_pull(), we can continue rely on its return value.
> >
> > See 025f8ad20f2e3264d11683aa9cbbf0083eefbdcd which would not exist
> > without this check, I would not give up yet.
>
> What's the point of that commit?
4b911a9690d7 would be better example. The warning actually found a
bug in NSH GSO.
Here's splats triggered by syzkaller using NSH over various tunnels.
https://lore.kernel.org/netdev/20240415222041.18537-2-kuniyu@amazon.com/
Powered by blists - more mailing lists