Message ID | CAPgLHd-yEmt_BJ52uZNsCA_-w85VhnN_HbfjG1QLVvR5kp7Xvw@mail.gmail.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
From: Wei Yongjun <weiyj.lk@gmail.com> Date: Tue, 9 Apr 2013 10:07:19 +0800 > From: Wei Yongjun <yongjun_wei@trendmicro.com.cn> > > sizeof() when applied to a pointer typed expression gives the size of the > pointer, not that of the pointed data. > Introduced by commit 3ce5ef(netrom: fix info leak via msg_name in nr_recvmsg) > > Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Any particular reason you're: 1) Targetting the wrong tree. This was a bug fix that went into 'net', therefore targetting -next is not correct. This fix need to go into 'net'. 2) Not even bothering to CC: the person whose change you are correcting? Anyways, applied to 'net', thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 04/09/2013 10:49 AM, David Miller wrote: > From: Wei Yongjun <weiyj.lk@gmail.com> > Date: Tue, 9 Apr 2013 10:07:19 +0800 > >> From: Wei Yongjun <yongjun_wei@trendmicro.com.cn> >> >> sizeof() when applied to a pointer typed expression gives the size of the >> pointer, not that of the pointed data. >> Introduced by commit 3ce5ef(netrom: fix info leak via msg_name in nr_recvmsg) >> >> Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> > Any particular reason you're: > > 1) Targetting the wrong tree. This was a bug fix that went into > 'net', therefore targetting -next is not correct. This fix > need to go into 'net'. I found this from the linux-next.git tree, but this commit is not exists at linux.git tree, and I forgot to check net.git, sorry for that. I will pay more attention next time. > > 2) Not even bothering to CC: the person whose change you are > correcting? > > Anyways, applied to 'net', thanks. > > > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Apr 09, 2013 at 10:07:19AM +0800, Wei Yongjun wrote: > From: Wei Yongjun <yongjun_wei@trendmicro.com.cn> > > sizeof() when applied to a pointer typed expression gives the size of the > pointer, not that of the pointed data. > Introduced by commit 3ce5ef(netrom: fix info leak via msg_name in nr_recvmsg) I think it would be a good idea to enable -Wsizeof-pointer-memaccess (gcc 4.8 feature) by default. While enabled there were no additional warnings when I tested it some weeks ago. I will look into this. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Apr 9, 2013 at 4:07 AM, Wei Yongjun <weiyj.lk@gmail.com> wrote: > > From: Wei Yongjun <yongjun_wei@trendmicro.com.cn> > > sizeof() when applied to a pointer typed expression gives the size of the > pointer, not that of the pointed data. > Introduced by commit 3ce5ef(netrom: fix info leak via msg_name in nr_recvmsg) > > Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> > --- > net/netrom/af_netrom.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c > index 7fcb307..103bd70 100644 > --- a/net/netrom/af_netrom.c > +++ b/net/netrom/af_netrom.c > @@ -1173,7 +1173,7 @@ static int nr_recvmsg(struct kiocb *iocb, struct socket *sock, > } > > if (sax != NULL) { > - memset(sax, 0, sizeof(sax)); > + memset(sax, 0, sizeof(*sax)); > sax->sax25_family = AF_NETROM; > skb_copy_from_linear_data_offset(skb, 7, sax->sax25_call.ax25_call, > AX25_ADDR_LEN); > Thanks for fixing this nasty little typo! My keyboard must be broken as sizeof(*sax) was the intended change in the first place. ;) Acked-by: Mathias Krause <minipli@googlemail.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c index 7fcb307..103bd70 100644 --- a/net/netrom/af_netrom.c +++ b/net/netrom/af_netrom.c @@ -1173,7 +1173,7 @@ static int nr_recvmsg(struct kiocb *iocb, struct socket *sock, } if (sax != NULL) { - memset(sax, 0, sizeof(sax)); + memset(sax, 0, sizeof(*sax)); sax->sax25_family = AF_NETROM; skb_copy_from_linear_data_offset(skb, 7, sax->sax25_call.ax25_call, AX25_ADDR_LEN);