qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH-for-5.2 0/2] net: Do not accept packets with invalid huge

From: Philippe Mathieu-Daudé
Subject: Re: [RFC PATCH-for-5.2 0/2] net: Do not accept packets with invalid huge size
Date: Mon, 30 Nov 2020 11:02:59 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0 
On 11/28/20 9:59 PM, Peter Maydell wrote:
> On Fri, 27 Nov 2020 at 15:45, Philippe Mathieu-Daudé <philmd@redhat.com> 
> wrote:
>>
>> Hi,
>>
>> This is a simple attempt to avoid the following pattern:
>>
>>   ssize_t pkt_size = get_pkt_size(); // returns errno
>>
>>   // no check
>>
>>   send_packet(size_t size=pkt_size); // size casted to unsigned
>>                                      // -> overflow
> 
> "RFC" and "for-5.2" are not a great combination at this point :-(

"RFC" because I don't understand all the effects this assert
can have. "for-5.2" because it was raised as a security bug,
but I don't have access to the information, so I can not see
the big picture.

> What are the consequences if we don't put this patchset in 5.2?

Jason suggested to postpone this. If this is security important,
we can release a 5.2.1-stable tag early I suppose.

Regards,

Phil.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]