Re: [PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination

From: Simon Horman
Date: Mon Feb 19 2024 - 12:19:34 EST

Next message: Mark Rutland: "Re: [PATCH v2] kbuild: Use -fmin-function-alignment when available"
Previous message: neil . armstrong: "Re: [PATCH v5 00/18] power: sequencing: implement the subsystem and add first users"
In reply to: Kees Cook: "[PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 16, 2024 at 03:31:32PM -0800, Kees Cook wrote:
> The struct xt_entry_target fake flexible array has not be converted to a
> true flexible array, which is mainly blocked by it being both UAPI and
> used in the middle of other structures. In order to properly check for
> 0-sized destinations in memcpy(), an exception must be made for the one
> place where it is still a destination. Since memcpy() was already
> skipping checks for 0-sized destinations, using unsafe_memcpy() is no
> change in behavior.
>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Reviewed-by: Simon Horman <horms@xxxxxxxxxx>

Next message: Mark Rutland: "Re: [PATCH v2] kbuild: Use -fmin-function-alignment when available"
Previous message: neil . armstrong: "Re: [PATCH v5 00/18] power: sequencing: implement the subsystem and add first users"
In reply to: Kees Cook: "[PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]