subject:"\[PATCH v2 net\] ipvs\: prevent integer overflow in do_ip_vs_get

Re: [PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

2025-03-12 Thread Pablo Neira Ayuso

On Tue, Mar 11, 2025 at 07:50:44PM +0200, Julian Anastasov wrote: > > Hello, > > On Mon, 10 Mar 2025, Dan Carpenter wrote: > > > The get->num_services variable is an unsigned int which is controlled by > > the user. The struct_size() function ensures that the size calculation > > does not

Re: [PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

2025-03-11 Thread Julian Anastasov

Hello, On Mon, 10 Mar 2025, Dan Carpenter wrote: > The get->num_services variable is an unsigned int which is controlled by > the user. The struct_size() function ensures that the size calculation > does not overflow an unsigned long, however, we are saving the result to > an int so th

[PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

2025-03-10 Thread Dan Carpenter

The get->num_services variable is an unsigned int which is controlled by the user. The struct_size() function ensures that the size calculation does not overflow an unsigned long, however, we are saving the result to an int so the calculation can overflow. Both "len" and "get->num_services" come

Re: [PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

Re: [PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

[PATCH v2 net] ipvs: prevent integer overflow in do_ip_vs_get_ctl()

3 matches

Site Navigation

Mail list logo

Footer information