Message-ID: <20240708151936.331d1096@hermes.local>
Date: Mon, 8 Jul 2024 15:19:36 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: Maks Mishin <maks.mishinfz@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH] iproute_lwtunnel: Add check for result of get_u32
 function

On Sun,  7 Jul 2024 18:49:28 +0300
Maks Mishin <maks.mishinfz@...il.com> wrote:

> Signed-off-by: Maks Mishin <maks.mishinFZ@...il.com>
> ---
>  ip/iproute_lwtunnel.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/ip/iproute_lwtunnel.c b/ip/iproute_lwtunnel.c
> index b4df4348..2946fa4d 100644
> --- a/ip/iproute_lwtunnel.c
> +++ b/ip/iproute_lwtunnel.c
> @@ -1484,7 +1484,8 @@ static int parse_encap_seg6local(struct rtattr *rta, size_t len, int *argcp,
>  				NEXT_ARG();
>  				if (hmac_ok++)
>  					duparg2("hmac", *argv);
> -				get_u32(&hmac, *argv, 0);
> +				if (get_u32(&hmac, *argv, 0) || hmac == 0)
> +					invarg("\"hmac\" value is invalid\n", *argv);
>  			} else {
>  				continue;
>  			}
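
Review bot: The added condition `|| hmac == 0` does more than check the get_u32() result: it also starts rejecting an explicit hmac value of 0, which the removed line accepted, and neither the subject line nor the commit message (which has no body) explains why. Either drop that part or justify it in the commit message. Both failure cases are also reported with the same "value is invalid" text, so a user cannot tell a parse error from a rejected zero. The string passed to invarg() ends in "\n" and carries its own escaped quotes around hmac; please check that this matches how the other invarg() callers in this file format their messages.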

There is another unchecked call to get_u32() in the same file.
Please fix all of them and add more detail in the commit message.

If the get_XXX functions are modified to force checks on the return value, you get:

iproute_lwtunnel.c: In function ‘parse_encap_seg6’:
iproute_lwtunnel.c:972:25: warning: ignoring return value of ‘get_u32’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
  972 |                         get_u32(&hmac, *argv, 0);
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~
iproute_lwtunnel.c: In function ‘parse_encap_seg6local’:
iproute_lwtunnel.c:1487:33: warning: ignoring return value of ‘get_u32’ declared with attribute ‘warn_unused_result’ [-Wunused-result]
 1487 |                                 get_u32(&hmac, *argv, 0);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~
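
An added example, not code from iproute2 or from this thread, of the mechanism the warnings above rely on: a parser declared with `warn_unused_result` and a caller that only commits the value when parsing succeeded. `parse_u32` and `parse_hmac_keyid` are hypothetical names standing in for a get_u32-style helper and its caller, and the sample arguments are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a get_u32-style helper (not iproute2's code).
 * Returns 0 on success, -1 on failure; *val is untouched on failure.
 * warn_unused_result makes GCC/Clang warn when a caller drops the result. */
__attribute__((warn_unused_result))
static int parse_u32(uint32_t *val, const char *arg, int base)
{
	char *end;
	unsigned long res;
	if (!arg || !*arg || *arg == '-')	/* strtoul would wrap negatives */
		return -1;
	errno = 0;
	res = strtoul(arg, &end, base);
	if (end == arg || *end != '\0')		/* no digits or trailing junk */
		return -1;
	if (errno == ERANGE || res > UINT32_MAX)	/* does not fit in 32 bits */
		return -1;
	*val = (uint32_t)res;
	return 0;
}

/* Checked caller (hypothetical name): only commits the key id when parsing
 * succeeded, so a bad argument can never leave a stale value in use. */
static int parse_hmac_keyid(const char *arg, uint32_t *keyid)
{
	uint32_t tmp;
	if (parse_u32(&tmp, arg, 0))
		return -1;
	*keyid = tmp;
	return 0;
}

int main(void)
{
	/* Constructed sample arguments, not taken from the thread. */
	const char *args[] = { "42", "0x10", "abc", "12x", "4294967296", "" };
	uint32_t keyid = 0;
	for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
		if (parse_hmac_keyid(args[i], &keyid))
			printf("\"%s\": rejected\n", args[i]);
		else
			printf("\"%s\": keyid %u\n", args[i], (unsigned)keyid);
	}
}
```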

