On 1/16/21 6:21 PM, Jakub Kicinski wrote:
>
> I wonder. There is something inherently risky about making
> a precedent for user space depending on invalid kernel output.
>
> _If_ we want to fix the kernel, IMO we should only fix the kernel.
>
IMHO this is a kernel bug that should be fixed. An easy fix is to check the overflow in nla_nest_end and return an error. Sadly, the nla_nest_end return code is ignored and backporting any change to fix that will be a nightmare. A warning will identify places that need to be fixed. We can at least catch and fix this overflow, which is by far the primary known victim of the rollover.
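As an added illustration (not code from this thread or from the kernel), a user-space model of the rollover being discussed and of the length check proposed above. The `nlattr_model`, `msg_model`, `nest_end_unchecked` and `nest_end_checked` names are assumptions for this example; only the 16-bit `nla_len` field mirrors the real `struct nlattr` layout.

```c
/* Added example, not kernel code: models how closing a netlink nest
 * stores the nest length into the 16-bit nla_len, and how a checked
 * variant can refuse a nest that no longer fits. */
#include <stdint.h>
#include <stddef.h>
#include <errno.h>
#include <stdio.h>

struct nlattr_model {          /* same layout as struct nlattr */
    uint16_t nla_len;          /* header + payload, 16 bits wide */
    uint16_t nla_type;
};

struct msg_model {             /* stand-in for the sk_buff tail pointer */
    unsigned char *buf;
    size_t len;                /* bytes written so far */
};

/* Opens a nest at offset 0 and appends a constructed payload of the
 * given size; the caller keeps payload below the 70000-byte buffer. */
static struct nlattr_model *open_nest(struct msg_model *m, size_t payload)
{
    static uint16_t words[35000];      /* 2-byte aligned backing store */
    m->buf = (unsigned char *)words;
    m->len = sizeof(struct nlattr_model) + payload;
    return (struct nlattr_model *)m->buf;
}

/* Mirrors the unchecked behaviour: the length is truncated to 16 bits,
 * so a nest of 65536 bytes or more silently rolls over. */
static void nest_end_unchecked(struct msg_model *m, struct nlattr_model *start)
{
    start->nla_len = (uint16_t)(m->buf + m->len - (unsigned char *)start);
}

/* Checked variant (assumed design): return -EMSGSIZE instead of rolling over. */
static int nest_end_checked(struct msg_model *m, struct nlattr_model *start)
{
    size_t nest_len = (size_t)(m->buf + m->len - (unsigned char *)start);
    if (nest_len > UINT16_MAX)
        return -EMSGSIZE;
    start->nla_len = (uint16_t)nest_len;
    return 0;
}

uint16_t unchecked_len_for(size_t payload)
{
    struct msg_model m;
    struct nlattr_model *s = open_nest(&m, payload);
    nest_end_unchecked(&m, s);
    return s->nla_len;
}

int checked_rc_for(size_t payload)
{
    struct msg_model m;
    return nest_end_checked(&m, open_nest(&m, payload));
}
```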