Re: [PATCH v4] net: don't call strlen() on the user buffer in packet_bind_spkt()

2017-03-01 Thread David Miller
From: Alexander Potapenko 
Date: Wed,  1 Mar 2017 12:57:20 +0100

> KMSAN (KernelMemorySanitizer, a new error detection tool) reports use of
> uninitialized memory in packet_bind_spkt():
 ...
> This happens because addr.sa_data copied from the userspace is not
> zero-terminated, and copying it with strlcpy() in packet_bind_spkt()
> results in calling strlen() on the kernel copy of that non-terminated
> buffer.
> 
> Signed-off-by: Alexander Potapenko 
> ---
> Changes since v3:
>  - addressed comments by Eric Dumazet (avoid using constants,
>    use memcpy() instead of strncpy())

Applied and queued up for -stable.



Re: [PATCH v4] net: don't call strlen() on the user buffer in packet_bind_spkt()

2017-03-01 Thread Cong Wang
On Wed, Mar 1, 2017 at 3:57 AM, Alexander Potapenko  wrote:
> This happens because addr.sa_data copied from the userspace is not
> zero-terminated, and copying it with strlcpy() in packet_bind_spkt()
> results in calling strlen() on the kernel copy of that non-terminated
> buffer.

Very similar to

commit b301f2538759933cf9ff1f7c4f968da72e3f0757
Author: Pablo Neira Ayuso 
Date:   Thu Mar 24 21:29:53 2016 +0100

    netfilter: x_tables: enforce nul-terminated table name from
    getsockopt GET_ENTRIES




Re: [PATCH v4] net: don't call strlen() on the user buffer in packet_bind_spkt()

2017-03-01 Thread Eric Dumazet
On Wed, 2017-03-01 at 12:57 +0100, Alexander Potapenko wrote:
> KMSAN (KernelMemorySanitizer, a new error detection tool) reports use of
> uninitialized memory in packet_bind_spkt():
...
> Signed-off-by: Alexander Potapenko 
> ---
> Changes since v3:
>  - addressed comments by Eric Dumazet (avoid using constants,
>    use memcpy() instead of strncpy())
> ---

Acked-by: Eric Dumazet 
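
Added illustration, not part of the thread or of the patch itself: a user-space C model of the over-read the commit message describes (strlen() running on a sa_data copy with no terminator) next to a bounded copy that uses memcpy() and writes its own terminator. The buffer layout, helper names and sample bytes are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

#define SA_DATA_LEN 14   /* size of the sa_data field in struct sockaddr */
#define MEM_LEN     32   /* constructed: field plus neighbouring bytes */

/* Model of the strlen() that strlcpy() runs on its source. The scan is
 * bounded by the backing buffer so the demo is well defined; it returns
 * how many bytes past the sa_data field were examined. */
static size_t strlen_overread(const char *mem, size_t mem_len, size_t field_len)
{
    size_t examined = 0;
    while (examined < mem_len) {
        if (mem[examined++] == '\0')
            break;
    }
    return examined > field_len ? examined - field_len : 0;
}

/* Bounded copy: exactly field_len bytes are read, then a terminator is
 * written. name must hold field_len + 1 bytes. Returns the name length. */
static size_t copy_dev_name(char *name, const char *field, size_t field_len)
{
    memcpy(name, field, field_len);
    name[field_len] = '\0';
    return strlen(name);   /* safe: name is terminated by construction */
}

/* Constructed input: 14 non-NUL bytes in the field, then 10 bytes the
 * caller never supplied (0x55 here), then a NUL that happens to exist. */
static void make_unterminated(char *mem)
{
    memset(mem, 0, MEM_LEN);
    memset(mem, 'A', SA_DATA_LEN);
    memset(mem + SA_DATA_LEN, 0x55, 10);
}

int main(void)
{
    char mem[MEM_LEN], name[SA_DATA_LEN + 1];
    make_unterminated(mem);
    size_t over = strlen_overread(mem, MEM_LEN, SA_DATA_LEN);
    size_t len = copy_dev_name(name, mem, SA_DATA_LEN);
    return (over == 11 && len == SA_DATA_LEN) ? 0 : 1;
}
```

The 11 bytes examined past the field in the first case are the memory a sanitizer such as KMSAN would flag as uninitialized; the bounded copy never looks at them.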




