Message-ID: <d730ef45-185c-4622-bdfe-8cd896b4d940@ovn.org>
Date: Mon, 12 May 2025 21:19:07 +0200
From: Ilya Maximets <i.maximets@....org>
To: Eelco Chaudron <echaudro@...hat.com>, netdev@...r.kernel.org
Cc: i.maximets@....org, dev@...nvswitch.org, aconole@...hat.com, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, horms@...nel.org
Subject: Re: [PATCH net-next v2] openvswitch: Stricter validation for the userspace action

On 5/12/25 10:08 AM, Eelco Chaudron wrote:
> This change enhances the robustness of validate_userspace() by ensuring
> that all Netlink attributes are fully contained within the parent
> attribute. The previous use of nla_parse_nested_deprecated() could
> silently skip trailing or malformed attributes, as it stops parsing at
> the first invalid entry.
>
> By switching to nla_parse_deprecated_strict(), we make sure only fully
> validated attributes are copied for later use.

Just to re-iterate for anyone reading this thread, copying non-validated
attributes is not a problem as they will be ignored during execution.

The change looks fine to me, thanks!

Acked-by: Ilya Maximets <i.maximets@....org>
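
The difference the quoted commit message describes, shown as an added example that is not part of the thread or of the kernel source: a user-space C model of a lenient versus a strict walk over nested attributes. The function names, the `strict` flag and the sample buffer are assumptions made for illustration; only the TLV header layout and the 4-byte alignment follow Netlink.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* User-space model of a Netlink attribute walk. All names are hypothetical;
 * only the TLV layout (16-bit len, 16-bit type, 4-byte alignment) is Netlink's. */
#define HDRLEN 4u
#define ALIGN4(n) (((n) + 3u) & ~(size_t)3u)

/* Returns the number of attributes accepted, or -1 if strict mode rejects. */
int parse_attrs(const uint8_t *buf, size_t len, int strict)
{
    int count = 0;
    while (len >= HDRLEN) {
        uint16_t alen;
        memcpy(&alen, buf, sizeof(alen));
        if (alen < HDRLEN || alen > len)
            break;                  /* attribute not contained in the parent */
        count++;
        size_t step = ALIGN4((size_t)alen);
        if (step > len)
            step = len;             /* last attribute may lack padding */
        buf += step;
        len -= step;
    }
    /* Lenient keeps what parsed so far; strict rejects any leftover bytes. */
    return (strict && len) ? -1 : count;
}

/* Constructed sample: three 8-byte attributes; optionally the third one
 * claims 64 bytes although only 8 remain in the parent. */
size_t build_sample(uint8_t out[24], int corrupt_last)
{
    memset(out, 0, 24);
    for (uint16_t i = 0; i < 3; i++) {
        uint16_t alen = (corrupt_last && i == 2) ? 64 : 8, type = i + 1;
        memcpy(out + 8 * i, &alen, 2);
        memcpy(out + 8 * i + 2, &type, 2);
    }
    return 24;
}

int main(void)
{
    uint8_t b[24];
    size_t n = build_sample(b, 1);
    printf("lenient=%d strict=%d\n", parse_attrs(b, n, 0), parse_attrs(b, n, 1));
    return 0;
}
```

On the corrupted sample the lenient walk reports two attributes and says nothing about the third, while the strict walk rejects the whole parent.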