From: Eugene Teo <eteo@redhat.com>
To: Vlad Yasevich <vladislav.yasevich@hp.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org, security@kernel.org,
linux-sctp@vger.kernel.org
Subject: Re: [PATCH 1/2] sctp: correct bounds check in sctp_setsockopt_auth_key
Date: Thu, 28 Aug 2008 00:01:45 +0000 [thread overview]
Message-ID: <48B5EAE9.9090704@redhat.com> (raw)
In-Reply-To: <12198674162757-git-send-email-vladislav.yasevich@hp.com>
Vlad Yasevich wrote:
> The bonds check to prevent buffer overlflow was not exactly
> right. It still allowed overflow of up to 8 bytes which is
> sizeof(struct sctp_authkey).
>
> Since optlen is already checked against the size of that struct,
> we are guaranteed not to cause interger overflow either.
>
> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Acked-by: Eugene Teo <eugeneteo@kernel.sg>
Eugene
WARNING: multiple messages have this Message-ID (diff)
From: Eugene Teo <eteo@redhat.com>
To: Vlad Yasevich <vladislav.yasevich@hp.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org, security@kernel.org,
linux-sctp@vger.kernel.org
Subject: Re: [PATCH 1/2] sctp: correct bounds check in sctp_setsockopt_auth_key
Date: Thu, 28 Aug 2008 08:01:45 +0800 [thread overview]
Message-ID: <48B5EAE9.9090704@redhat.com> (raw)
In-Reply-To: <12198674162757-git-send-email-vladislav.yasevich@hp.com>
Vlad Yasevich wrote:
> The bonds check to prevent buffer overlflow was not exactly
> right. It still allowed overflow of up to 8 bytes which is
> sizeof(struct sctp_authkey).
>
> Since optlen is already checked against the size of that struct,
> we are guaranteed not to cause interger overflow either.
>
> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Acked-by: Eugene Teo <eugeneteo@kernel.sg>
Eugene
next prev parent reply other threads:[~2008-08-28 0:01 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <48B42ECA.7010800@redhat.com>
2008-08-27 20:03 ` [PATCH 0/2] sctp: additional overflow fixes Vlad Yasevich
2008-08-27 20:03 ` Vlad Yasevich
2008-08-27 20:03 ` [PATCH 1/2] sctp: correct bounds check in sctp_setsockopt_auth_key Vlad Yasevich
2008-08-27 20:03 ` Vlad Yasevich
2008-08-27 23:09 ` [PATCH 1/2] sctp: correct bounds check in David Miller
2008-08-27 23:09 ` [PATCH 1/2] sctp: correct bounds check in sctp_setsockopt_auth_key David Miller
2008-08-28 0:01 ` Eugene Teo [this message]
2008-08-28 0:01 ` Eugene Teo
2008-08-27 20:03 ` [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT option Vlad Yasevich
2008-08-27 20:03 ` Vlad Yasevich
2008-08-27 23:10 ` [PATCH 2/2] sctp: fix random memory dereference with David Miller
2008-08-27 23:10 ` [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT option David Miller
2008-08-28 0:02 ` [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT Eugene Teo
2008-08-28 0:02 ` [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT option Eugene Teo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48B5EAE9.9090704@redhat.com \
--to=eteo@redhat.com \
--cc=davem@davemloft.net \
--cc=linux-sctp@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=security@kernel.org \
--cc=vladislav.yasevich@hp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.