Re: [CHECKER] Probable security holes in 2.6.5

From: Rusty Russell
Date: Sat Apr 17 2004 - 01:17:31 EST


On Sat, 2004-04-17 at 05:27, Chris Wright wrote:
> > [BUG]
> > /home/kash/linux/linux-2.6.5/kernel/module.c:1303:load_module:
> > ERROR:TAINT: 1283:1303:Using user value "((*hdr).e_shstrndx * 0)"
> > without first performing bounds checks

Yes, this is a special case. We've already checked CAP_SYS_MODULE, and
we only do trivial sanity checks for correct arch and truncated
modules. This is by policy, since there are things we simply can't
check (like the code we're about to run!),

Hope that helps!
Rusty.
--
Anyone who quotes me in their signature is an idiot -- Rusty Russell

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/