From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 625BC7C for ; Tue, 25 Jul 2023 00:56:13 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 76B26C433C8; Tue, 25 Jul 2023 00:56:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1690246573; bh=cFkvzIqEVxtobth8BkWedQlxCsFQkol1UukjBn0/mMg=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=Z+1DX3GP3lPjJxrYCjQYbSmWeex1UZ94DyV6E0lKotL6TyUDAwRrCHqPRqd3GaP7w FuDixiNhnFQICs/uE5W+iOJdj78nURRS8yX7ISlZ0HXwXXQgXbGXWF/XKQ4oKv0p65 YkETrCwaiTp84yG9Qq+tmAoYehUOee20qPwAtGo4hYfoj2/z0sYlEGCW/oWIwKj+Ih PM5fwPv8g/lrnp6rCLT4IykgFME/nOMtYbwGNBN7Jhf179SxNo2Dtpswa2chcxP6mK SJciRa3bfOR/S97FLTGewS9WHhWg5rTIs66Dfx4swS7wX2O9T0w9geOrQVZcLTqi8l VkFVhhqhy39gA== Date: Mon, 24 Jul 2023 17:56:12 -0700 From: Jakub Kicinski To: "Lin Ma" , Joe Perches Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, pabeni@redhat.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64 Message-ID: <20230724175612.0649ef67@kernel.org> In-Reply-To: <63d69a72.e2656.1898a66ca22.Coremail.linma@zju.edu.cn> References: <20230724014625.4087030-1-linma@zju.edu.cn> <20230724160214.424573ac@kernel.org> <63d69a72.e2656.1898a66ca22.Coremail.linma@zju.edu.cn> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Tue, 25 Jul 2023 08:15:39 +0800 (GMT+08:00) Lin Ma wrote: > > > The nla_for_each_nested parsing in function mqprio_parse_nlattr() does > > > not check the length of the nested attribute. This can lead to an > > > out-of-attribute read and allow a malformed nlattr (e.g., length 0) to > > > be viewed as 8 byte integer and passed to priv->max_rate/min_rate. > > > > > > This patch adds the check based on nla_len() when check the nla_type(), > > > which ensures that the length of these two attribute must equals > > > sizeof(u64). > > > > How do you run get_maintainer? You didn't CC the author of the code. > > That's weird, I just ran code below and send this patch to all 9 emails poped out. > > # ./scripts/get_maintainer.pl net/sched/sch_mqprio.c Joe, here's another case. Lin Ma, you need to run the script on the file generated by git format-patch, rather than the file path. That gives better coverage for keywords included in the commit message (especially the Fixes tag). Please rerun it on the patch and repost with the right CC list. -- pw-bot: cr