Re: [PATCH net] xfrm: Fix xfrm sel prefix length validation

From: Herbert Xu
Date: Mon May 20 2019 - 22:52:49 EST

Next message: Minchan Kim: "Re: [RFC 7/7] mm: madvise support MADV_ANONYMOUS_FILTER and MADV_FILE_FILTER"
Previous message: Minchan Kim: "Re: [RFC 6/7] mm: extend process_madvise syscall to support vector arrary"
In reply to: Anirudh Gupta: "Re: [PATCH net] xfrm: Fix xfrm sel prefix length validation"
Next in thread: Anirudh Gupta: "[PATCH net] xfrm: Fix xfrm sel prefix length validation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 20, 2019 at 10:30:29PM +0530, Anirudh Gupta wrote:
> Yes, I notice that is the only verification of p->family from userspace.
> However, the underlying conditions added in commit '07bf7908950a',
> validates the selector src/dest prefix len.

You need to check both p->family and p->sel.family.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Minchan Kim: "Re: [RFC 7/7] mm: madvise support MADV_ANONYMOUS_FILTER and MADV_FILE_FILTER"
Previous message: Minchan Kim: "Re: [RFC 6/7] mm: extend process_madvise syscall to support vector arrary"
In reply to: Anirudh Gupta: "Re: [PATCH net] xfrm: Fix xfrm sel prefix length validation"
Next in thread: Anirudh Gupta: "[PATCH net] xfrm: Fix xfrm sel prefix length validation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]