From: Tom Parkin <tparkin@katalix.com>
To: Gavrilov Ilia <Ilia.Gavrilov@infotecs.ru>
Cc: James Chapman <jchapman@katalix.com>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"lvc-project@linuxtesting.org" <lvc-project@linuxtesting.org>
Subject: Re: [PATCH net-next] l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function
Date: Wed, 6 Mar 2024 14:32:59 +0000 [thread overview]
Message-ID: <Zeh+m84IESlWU1rE@katalix.com> (raw)
In-Reply-To: <c9dd0486-aacc-4263-bcce-630fad445e72@infotecs.ru>
[-- Attachment #1: Type: text/plain, Size: 989 bytes --]
On Wed, Mar 06, 2024 at 13:46:07 +0000, Gavrilov Ilia wrote:
> On 3/6/24 16:14, Tom Parkin wrote:
> > As it stands right now in the l2tp_ppp.c code, I think the check on
> > len will end up doing nothing, as you point out.
> >
> > So moving the len check to before the min_t() call may in theory
> > possibly catch out (insane?) userspace code passing in negative
> > numbers which may "work" with the current kernel code.
> >
> > I wonder whether its safer therefore to remove the len check
> > altogether?
>
> Thank you for answer.
>
> In my opinion, it is better to leave the 'len' check. This way it will
> be easier for the user to understand where the error is.
Fair enough.
My concern was that in doing so we add a new behaviour which userspace
may notice and care about, but realistically I'm probably being
paranoid to imagine that any such userspace exists.
Thanks for your work on l2tp_ppp.c :-)
Reviewed-by: Tom Parkin <tparkin@katalix.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
prev parent reply other threads:[~2024-03-06 14:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-06 9:58 [PATCH net-next] l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function Gavrilov Ilia
2024-03-06 13:14 ` Tom Parkin
2024-03-06 13:46 ` Gavrilov Ilia
2024-03-06 14:32 ` Tom Parkin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zeh+m84IESlWU1rE@katalix.com \
--to=tparkin@katalix.com \
--cc=Ilia.Gavrilov@infotecs.ru \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=jchapman@katalix.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lvc-project@linuxtesting.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.