Re: [PATCH 2/2] netlink: Bounds-check struct nlmsgerr creation

From: Jakub Kicinski
Date: Wed Aug 31 2022 - 23:20:27 EST


On Wed, 31 Aug 2022 20:06:10 -0700 Kees Cook wrote:
> For 32-bit systems, it might be possible to wrap nlmsgerr content
> lengths beyond SIZE_MAX. Explicitly test for all overflows, and mark the
> memcpy() as being unable to internally diagnose overflows.
>
> This also excludes netlink from the coming runtime bounds check on
> memcpy(), since it's an unusual case of open-coded sizing and
> allocation.

This one you gotta rebase, we just rewrote the af_netlink
part last week :)