Re: [PATCH] net: sock: validate data_len before allocating skb insock_alloc_send_pskb()

[David Miller]

From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Date: Wed, 30 May 2012 08:46:23 +0200

> Why doing this test in the while (1) block, it should be done before the
> loop...
> 
> Or even in the caller, note net/unix/af_unix.c does this right.
> 
>         if (len > SKB_MAX_ALLOC)
>                 data_len = min_t(size_t,
>                                  len - SKB_MAX_ALLOC,
>                                  MAX_SKB_FRAGS * PAGE_SIZE);
> 
>         skb = sock_alloc_send_pskb(sk, len - data_len, data_len,
>                                    msg->msg_flags & MSG_DONTWAIT, &err);

My impression is that the callers should be fixed to.  It makes no sense
to penalize the call sites that get this right.

And yes, if we do check it in sock_alloc_send_pskb() it should be done
at function entry, not inside the loop.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/