summaryrefslogtreecommitdiffstats
path: root/net/sched/act_simple.c
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2010-11-10 10:38:24 -0800
committerDavid S. Miller <davem@davemloft.net>2010-11-10 10:38:24 -0800
commit57fe93b374a6b8711995c2d466c502af9f3a08bb (patch)
tree12648abf4c941275e5a12a8416e8fa6a92276753 /net/sched/act_simple.c
parentfe10ae53384e48c51996941b7720ee16995cbcb7 (diff)
filter: make sure filters dont read uninitialized memory
There is a possibility malicious users can get limited information about uninitialized stack mem array. Even if sk_run_filter() result is bound to packet length (0 .. 65535), we could imagine this can be used by hostile user. Initializing mem[] array, like Dan Rosenberg suggested in his patch is expensive since most filters dont even use this array. Its hard to make the filter validation in sk_chk_filter(), because of the jumps. This might be done later. In this patch, I use a bitmap (a single long var) so that only filters using mem[] loads/stores pay the price of added security checks. For other filters, additional cost is a single instruction. [ Since we access fentry->k a lot now, cache it in a local variable and mark filter entry pointer as const. -DaveM ] Reported-by: Dan Rosenberg <drosenberg@vsecurity.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sched/act_simple.c')
0 files changed, 0 insertions, 0 deletions