lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250418171558.14d7c10d@kernel.org>
Date: Fri, 18 Apr 2025 17:15:58 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Fedor Pchelkin <pchelkin@...ras.ru>
Cc: Michal Swiatkowski <michal.swiatkowski@...ux.intel.com>, Mammatha Edhala
 <mammatha.edhala@...lex.com>, Ajit Khaparde <ajit.khaparde@...adcom.com>,
 Sriharsha Basavapatna <sriharsha.basavapatna@...adcom.com>, Padmanabh
 Ratnakar <padmanabh.ratnakar@...lex.com>, "netdev@...r.kernel.org"
 <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org"
 <linux-kernel@...r.kernel.org>, Ваторопин Андрей <a.vatoropin@...t.ru>, Somnath Kotur
 <somnath.kotur@...adcom.com>, Andrew Lunn <andrew+netdev@...n.ch>, Eric
 Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, "David S.
 Miller" <davem@...emloft.net>, "lvc-project@...uxtesting.org"
 <lvc-project@...uxtesting.org>
Subject: Re: [PATCH] be2net: Remove potential access to the zero address

On Fri, 18 Apr 2025 10:50:43 +0300 Fedor Pchelkin wrote:
> On Thu, 17. Apr 19:54, Jakub Kicinski wrote:
> > On Wed, 16 Apr 2025 13:32:29 +0200 Michal Swiatkowski wrote:  
> > > > At the moment of calling the function be_cmd_get_mac_from_list() with the
> > > > following parameters:
> > > > be_cmd_get_mac_from_list(adapter, mac, &pmac_valid, NULL, 
> > > > 					adapter->if_handle, 0);    
> > > 
> > > Looks like pmac_valid needs to be false to reach *pmac_id assign.  
> > 
> > Right, it is for this caller and there is a check which skip this logic
> > if pmac_id_valid is false, line 3738.  
> 
> Wait, the check you are referring to is

Ugh, I'm blind. The fix is too.. poor, tho.
Why are we in this loop at all if we masked out the only break
condition.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ