Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 Jun 2019 12:54:34 +0200
From: Romain Perier <>
To: Kees Cook <>
Cc: Kernel Hardening <>
Subject: Re: Audit and fix all misuse of NLA_STRING: STATUS


Yeah, I have found some inconsistencies, but I am not 100% sure for
all of these. I will double check and review the code closely.
I keep you in touch.


Le jeu. 20 juin 2019 à 18:15, Kees Cook <> a écrit :
> On Tue, Jun 18, 2019 at 07:56:42PM +0200, Romain Perier wrote:
> > Hi !
> >
> > Here a first review, you can get the complete list here:
> >
> >
> Cool! You identified three issues:
> net/netfilter/nfnetlink_cthelper.c:
>         NF_CT_HELPER_NAME_LEN is used instead of NF_CT_EXP_POLICY_NAME_LEN
> net/netfilter/ipset/ip_set_list_set.c:
>         IPSET_ATTR_NAME and IPSET_ATTR_NAMEREF both have a len of
>         IPSET_MAXNAMELEN for a string of size IPSET_MAXNAMELEN
> net/openvswitch/conntrack.c:
>         maxlen of NF_CT_HELPER_NAME_LEN with a string of size
>         NF_CT_HELPER_NAME_LEN. maxlen of CTNL_TIMEOUT_NAME_MAX with a
>         string of size CTNL_TIMEOUT_NAME_MAX
> I haven't looked closely at this myself yet, but I think the next step
> would be to write patches for each of these. And while doing that, have
> an eye toward thinking about how each case could be made more robust in
> the future to avoid these kinds of flaws returning.
> Nice!
> --
> Kees Cook

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.