From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 972AA23ED6A for ; Thu, 23 Apr 2026 14:29:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776954554; cv=none; b=R8QzeXMdSHHozZNVfKdUWYynS4IRK2H4ZAHKQz4LuQsm18Ney49d9RnLM7THz0EfpFWlzKcUN1b1p+mE8JuY5ZhYj/kAbJP12wg5MMOb8/LMFOj7U5+Ojoc6jU8/7Ywxm/0Ise0+VpgXRqOeQgFXGds7Q/sPvhNXszPUxX43l+I= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776954554; c=relaxed/simple; bh=GFNw/wZGwOTusl3rL6b9d1EVaGY5WK1WmpecL466I30=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=OIFeGl9cgOb99sQBDR8ns7kRXKad+J3SFWAGunOfL9Fqy9XsZdN5zDnjKiQExnYaZGwPwyEbM0padcpM2k9pc8/E6TNTS93HhSrkrhKZpWOxd74/FiRqOkwHJSrf05Avt5koxZuBmIsYD7hUAGzCIrBOviCXJtWWKigLfNR0wPI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=f3OPJzSH; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=ZtFDFXIE; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="f3OPJzSH"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="ZtFDFXIE" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1776954552; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mJXAYCiKedl47jf6xE6Z60fJSrR9e2EHlsKXBtesuI4=; b=f3OPJzSHzGmz+uv7l0mUT36o6rX+Rhm7RgZ6ZT/c+WxdwW5ief0AV1ggDra/9nBqlASPab CwO/XBpGejPNlxAA8Q1AqZPM/MvSjtwq6kX6ZVfhA/yv8XdY1gPv4QXUQ8RoVDcxKtAWbD uanaMSshDy5IEIz/q0em0V8UKMuqR+M= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-594-h8Im8AD8O0Ocs143ms5G1g-1; Thu, 23 Apr 2026 10:29:11 -0400 X-MC-Unique: h8Im8AD8O0Ocs143ms5G1g-1 X-Mimecast-MFC-AGG-ID: h8Im8AD8O0Ocs143ms5G1g_1776954549 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-488f973ddfeso51572535e9.3 for ; Thu, 23 Apr 2026 07:29:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1776954549; x=1777559349; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=mJXAYCiKedl47jf6xE6Z60fJSrR9e2EHlsKXBtesuI4=; b=ZtFDFXIEAFL1lOddBMl7R3JlXSzCTZi59GTEMU2xoEZ0Cp/evVQ4ofGHTEjvPCbe1H aVyzysmD27baL/VCxQAZavAhmiHIZCU2KQiebYP9husah8/ECNphRc/oL1g7WM1OfVl5 rQXM1PonQV+qQwuJfS4tZcn7wZc3Xfh0lJD102MWYUf3JoyZu7CYn4vIOW8Ras9gPRPM /0QlgKOMZLwH+iwHFRExOWL1TNiNFZX/3QAhGTSXmg7BoNmqJ/272/f3j1ojlxAebX+n Ge7eOfu1lhrClo5Z8E7jH9mDj8KuPTOFtdM3vFkCGoz3l62hB6tEa6WHqvDJcJCXtrIP n8YQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776954549; x=1777559349; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mJXAYCiKedl47jf6xE6Z60fJSrR9e2EHlsKXBtesuI4=; b=A384VCLWOa6TMCm3nGASEmIjSilN2HBJAURxMoAnyILub36UpLvGQNHR4x84rnHBHV WpzxlANt7H5g77BZ4HZjHCfCk1N8N1/funGgd8pPwoU49pKL+a+Md9vVbPlyBHEagCv6 zTEgoaM8KA28tePffhjsnjAtbsar9fQSyMObn8opUWt9hbKljgaOZP/a4nR/JXJNqoSt OduH5qpsPtKpVUIHLTmARVE6AKTA6cI5I+nQ+rXVwy2NotFBo+nfNxP/2cf0YRgeYyzR vNqy382BpNK9928XoVUK2aeEqkBB99pOQ7ltyBbK9kODRwNvNQhVjMMdguGufEo8jlPv cAeA== X-Forwarded-Encrypted: i=1; AFNElJ9msgSRaL2gvlHmqvoltGIdLdQMcKyi3XD70zuefUxxbwZTFQrSI1hoTpvv3065phYrvz5ZGuzK2RdUB9I=@vger.kernel.org X-Gm-Message-State: AOJu0YzS2lVu2MvgKFpE/E/Bl75FWBe2t6dpL53J5wJAan1N+D9/IvWE IynHQQE0kefeqdpVtKr/vyqTcVhQzNUd4lRZCp9wu4ih5Hih0h9nKQlgHSe6Y9LcNNXv0gckcJO kDQaVr6yxHTqeBDwrtsyGNuV9SpS0ZgKemhUMUAzJOJynXtq4EfiR6UqzHJiXvBTn0Q== X-Gm-Gg: AeBDieuL73cKo273PFc701bvpvdQI7kabXQOHE7zX3USAThgZFOAUcK4RSBzUDWFIzm ENZ3le3lhiuBZW1KZYwCr2CmOd5dY0EV1forep01OcvRdLn3n1TXX5Sg0OLEdbfzhnchn2D3L0t 8gziwCDGpsenflWpn1ra4+o92k54nT70uN8oAEzgbL+bE/gbLskdoDRcsoCFfEiY/7HwONndTQt baD5sak4u5n/aDcIDgghXKHam7KizH7qVKrnxQRrbif/0m14YL+NqRPxy5ZMRPvAYYSTLaP9R36 RtpoaM3X/u/R1eyoJ+qidS8NCJgZva8nLyhW41gOb9IRcfdoirUfnD3bZKy7ltt/hd00d13uX2+ H5pjiy64AAGhIr/wFWqug8kQg1poCwIDmZbw7kT80s2QU4KDRbvi2ofewp+TedOLVHOE= X-Received: by 2002:a05:600c:1e28:b0:483:7903:c3b1 with SMTP id 5b1f17b1804b1-488fb77fbf3mr389501865e9.20.1776954549195; Thu, 23 Apr 2026 07:29:09 -0700 (PDT) X-Received: by 2002:a05:600c:1e28:b0:483:7903:c3b1 with SMTP id 5b1f17b1804b1-488fb77fbf3mr389501355e9.20.1776954548690; Thu, 23 Apr 2026 07:29:08 -0700 (PDT) Received: from [192.168.88.32] ([150.228.93.216]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-488fb74c68asm164855685e9.3.2026.04.23.07.29.07 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 23 Apr 2026 07:29:08 -0700 (PDT) Message-ID: Date: Thu, 23 Apr 2026 16:29:06 +0200 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH net] ipv4: clamp MCAST_MSFILTER getsockopt to optlen, not gf_numsrc To: Greg Kroah-Hartman Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, "David S. Miller" , David Ahern , Eric Dumazet , Jakub Kicinski , Simon Horman , stable References: <2026042054-dime-spectator-820e@gregkh> <17e348e1-b551-41e4-a512-906109dded4d@redhat.com> <2026042345-prompter-boogieman-1f5e@gregkh> Content-Language: en-US From: Paolo Abeni In-Reply-To: <2026042345-prompter-boogieman-1f5e@gregkh> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 4/23/26 4:18 PM, Greg Kroah-Hartman wrote: > On Thu, Apr 23, 2026 at 03:57:55PM +0200, Paolo Abeni wrote: >> On 4/20/26 9:26 PM, Greg Kroah-Hartman wrote: >>> @@ -1486,8 +1491,12 @@ static int compat_ip_get_mcast_msfilter(struct sock *sk, sockptr_t optval, >>> gf.gf_interface = gf32.gf_interface; >>> gf.gf_fmode = gf32.gf_fmode; >>> num = gf.gf_numsrc = gf32.gf_numsrc; >>> - gf.gf_group = gf32.gf_group; >>> >>> + if (num > (len - size0) / sizeof(struct sockaddr_storage)) >>> + num = (len - size0) / sizeof(struct sockaddr_storage); >>> + gf.gf_numsrc = num; >> >> Since this is exactly the same code added above, likely a common helper >> would be useful. > > Useful where else? Just in these 2 functions, to avoid duplicating the logic. Not a big deal, but it would feel nicer. Also the gf.gf_group = gf32.gf_group; statement is moved around but such change is not needed, right? >> I guess we don't care if this would break bad application passing optval >> area properly sized for gf_numsrc sockets and a small optval, right? I >> don't see how to eventually save them. > > I couldn't see how to save them either, and if an application sends bad > data we should be rejecting it, right? Especially as this overflows > things as-is :( Agreed. Thanks, Paolo