subject:"svn commit\: r324971 \- head\/sys\/netinet"

Re: svn commit: r324971 - head/sys/netinet

2017-10-25 Thread Rodney W. Grimes

> On Wed, Oct 25, 2017 at 07:57:14AM -0700, Rodney W. Grimes wrote:
> > > New Revision: 324971
> > > URL: https://svnweb.freebsd.org/changeset/base/324971
> > > 
> > > Log:
> > >   Fix a bug reported by Felix Weinrank using the libfuzzer on the
> > >   userland stack.
> > 
> > Please try to say what the bug was, why it was a bug, and
> > how it was fixed in any bug commit message.
> > 
> > External vague references are of little value when reading
> > through a files svn history.
> 
> Honestly, I don't understand at all why this topic comes up again and
> again.  It's beaten to death, aren't people supposed to read svn-* mail?
> 
> :-(

I think one thing that causes some of this is that many work in
private repositories with no one else seeing there commits and
they develope a bad habit of writting very brief commit messages
and then these get carried into public repositories.

> ./danfe
-- 
Rod Grimes rgri...@freebsd.org
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r324971 - head/sys/netinet

2017-10-25 Thread Michael Tuexen

> On 25. Oct 2017, at 16:57, Rodney W. Grimes  
> wrote:
> 
> [ Charset UTF-8 unsupported, converting... ]
>> Author: tuexen
>> Date: Wed Oct 25 09:12:22 2017
>> New Revision: 324971
>> URL: https://svnweb.freebsd.org/changeset/base/324971
>> 
>> Log:
>>  Fix a bug reported by Felix Weinrank using the libfuzzer on the
>>  userland stack.
> 
> Please try to say what the bug was, why it was a bug, and
> how it was fixed in any bug commit message.
Yepp, you are right. The bug was that when taking the length
of what is used in a buffer, the offset was not taken into account.
The fix is to do that...

Best regards
Michael
> 
> External vague references are of little value when reading
> through a files svn history.
> 
> Thanks,
>> 
>>  MFC after:  3 days
>> 
>> Modified:
>>  head/sys/netinet/sctp_auth.c
>> 
>> Modified: head/sys/netinet/sctp_auth.c
>> ==
>> --- head/sys/netinet/sctp_auth.c Wed Oct 25 05:55:13 2017
>> (r324970)
>> +++ head/sys/netinet/sctp_auth.c Wed Oct 25 09:12:22 2017
>> (r324971)
>> @@ -1606,9 +1606,9 @@ sctp_zero_m(struct mbuf *m, uint32_t m_offset, uint32_
>>  /* now use the rest of the mbuf chain */
>>  while ((m_tmp != NULL) && (size > 0)) {
>>  data = mtod(m_tmp, uint8_t *)+m_offset;
>> -if (size > (uint32_t)SCTP_BUF_LEN(m_tmp)) {
>> -memset(data, 0, SCTP_BUF_LEN(m_tmp));
>> -size -= SCTP_BUF_LEN(m_tmp);
>> +if (size > (uint32_t)(SCTP_BUF_LEN(m_tmp) - m_offset)) {
>> +memset(data, 0, SCTP_BUF_LEN(m_tmp) - m_offset);
>> +size -= SCTP_BUF_LEN(m_tmp) - m_offset;
>>  } else {
>>  memset(data, 0, size);
>>  size = 0;
>> 
>> 
> 
> -- 
> Rod Grimes rgri...@freebsd.org
> 

___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r324971 - head/sys/netinet

2017-10-25 Thread Alexey Dokuchaev

On Wed, Oct 25, 2017 at 07:57:14AM -0700, Rodney W. Grimes wrote:
> > New Revision: 324971
> > URL: https://svnweb.freebsd.org/changeset/base/324971
> > 
> > Log:
> >   Fix a bug reported by Felix Weinrank using the libfuzzer on the
> >   userland stack.
> 
> Please try to say what the bug was, why it was a bug, and
> how it was fixed in any bug commit message.
> 
> External vague references are of little value when reading
> through a files svn history.

Honestly, I don't understand at all why this topic comes up again and
again.  It's beaten to death, aren't people supposed to read svn-* mail?

:-(

./danfe
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r324971 - head/sys/netinet

2017-10-25 Thread Rodney W. Grimes

[ Charset UTF-8 unsupported, converting... ]
> Author: tuexen
> Date: Wed Oct 25 09:12:22 2017
> New Revision: 324971
> URL: https://svnweb.freebsd.org/changeset/base/324971
> 
> Log:
>   Fix a bug reported by Felix Weinrank using the libfuzzer on the
>   userland stack.

Please try to say what the bug was, why it was a bug, and
how it was fixed in any bug commit message.

External vague references are of little value when reading
through a files svn history.

Thanks,
>   
>   MFC after:  3 days
> 
> Modified:
>   head/sys/netinet/sctp_auth.c
> 
> Modified: head/sys/netinet/sctp_auth.c
> ==
> --- head/sys/netinet/sctp_auth.c  Wed Oct 25 05:55:13 2017
> (r324970)
> +++ head/sys/netinet/sctp_auth.c  Wed Oct 25 09:12:22 2017
> (r324971)
> @@ -1606,9 +1606,9 @@ sctp_zero_m(struct mbuf *m, uint32_t m_offset, uint32_
>   /* now use the rest of the mbuf chain */
>   while ((m_tmp != NULL) && (size > 0)) {
>   data = mtod(m_tmp, uint8_t *)+m_offset;
> - if (size > (uint32_t)SCTP_BUF_LEN(m_tmp)) {
> - memset(data, 0, SCTP_BUF_LEN(m_tmp));
> - size -= SCTP_BUF_LEN(m_tmp);
> + if (size > (uint32_t)(SCTP_BUF_LEN(m_tmp) - m_offset)) {
> + memset(data, 0, SCTP_BUF_LEN(m_tmp) - m_offset);
> + size -= SCTP_BUF_LEN(m_tmp) - m_offset;
>   } else {
>   memset(data, 0, size);
>   size = 0;
> 
> 

-- 
Rod Grimes rgri...@freebsd.org
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r324971 - head/sys/netinet

2017-10-25 Thread Michael Tuexen

Author: tuexen
Date: Wed Oct 25 09:12:22 2017
New Revision: 324971
URL: https://svnweb.freebsd.org/changeset/base/324971

Log:
  Fix a bug reported by Felix Weinrank using the libfuzzer on the
  userland stack.
  
  MFC after:3 days

Modified:
  head/sys/netinet/sctp_auth.c

Modified: head/sys/netinet/sctp_auth.c
==
--- head/sys/netinet/sctp_auth.cWed Oct 25 05:55:13 2017
(r324970)
+++ head/sys/netinet/sctp_auth.cWed Oct 25 09:12:22 2017
(r324971)
@@ -1606,9 +1606,9 @@ sctp_zero_m(struct mbuf *m, uint32_t m_offset, uint32_
/* now use the rest of the mbuf chain */
while ((m_tmp != NULL) && (size > 0)) {
data = mtod(m_tmp, uint8_t *)+m_offset;
-   if (size > (uint32_t)SCTP_BUF_LEN(m_tmp)) {
-   memset(data, 0, SCTP_BUF_LEN(m_tmp));
-   size -= SCTP_BUF_LEN(m_tmp);
+   if (size > (uint32_t)(SCTP_BUF_LEN(m_tmp) - m_offset)) {
+   memset(data, 0, SCTP_BUF_LEN(m_tmp) - m_offset);
+   size -= SCTP_BUF_LEN(m_tmp) - m_offset;
} else {
memset(data, 0, size);
size = 0;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r324971 - head/sys/netinet

Re: svn commit: r324971 - head/sys/netinet

Re: svn commit: r324971 - head/sys/netinet

Re: svn commit: r324971 - head/sys/netinet

svn commit: r324971 - head/sys/netinet

5 matches

Site Navigation

Mail list logo

Footer information