ng_parse: disallow negative length for malloc
Needs RevisionPublic
Actions

Authored by emaste on Nov 1 2022, 2:12 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Wed, May 8, 12:38 PM

	Unknown Object (File)
	Mar 12 2024, 9:44 AM

	Unknown Object (File)
	Jan 21 2024, 11:59 AM

	Unknown Object (File)
	Dec 26 2023, 4:49 PM

	Unknown Object (File)
	Dec 23 2023, 2:37 AM

	Unknown Object (File)
	Nov 22 2023, 12:08 PM

	Unknown Object (File)
	Nov 3 2023, 10:55 PM

	Unknown Object (File)
	Aug 27 2023, 2:47 PM

View All 12 Files

Subscribers

glebius

melifaro

Details

Reviewers

donner
glebius

Summary

PR:             267334
Reported by:    Robert Morris <rtm@lcs.mit.edu>
Sponsored by:   The FreeBSD Foundation

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

emaste created this revision.Nov 1 2022, 2:12 PM

Herald added subscribers: glebius, melifaro. · View Herald TranscriptNov 1 2022, 2:12 PM

emaste requested review of this revision.Nov 1 2022, 2:12 PM

just return, foff is not yet set

Can we return unsigned value from ng_get_composite_len() instead?

This revision now requires changes to proceed.Nov 2 2022, 6:14 PM

Looking at 267334. IMHO, we should return the error for invalid message as close as possible to the userland. Don't let the invalid data travel this down.

Of course we should also check for num nonnegative and too large; there's probably more to be covered here too.

Can we return unsigned value from ng_get_composite_len() instead?

We should, but I think there are ABI considerations to take into account and we really need someone who understands netgraph well.

Revision Contents
Changeset List

Path

Size

sys/

netgraph/

ng_parse.c

2 lines

Diff 112470

View Options

ng_parse: disallow negative length for mallocNeeds RevisionPublicActions