Re: [netfilter-core] Heap overflow in xt_geoip.c

On 2017-06-25 21:45, Jan Engelhardt wrote:
> On Wednesday 2017-06-21 18:16, Pablo Neira Ayuso wrote:
>
>> Hi Loic,
>>
>> On Tue, Jun 20, 2017 at 08:31:26PM +0200, Loic wrote:
>>> Hi,
>>>
>>> I think there is a problem in the geoip code because I detect this:
>>>
>>> grep -ar "cicus.162_313 max" /usr/src/xtables-addons-2.12/extensions/
>>> /usr/src/xtables-addons-2.12/extensions/xt_geoip.o:cicus.162_313 max,
>>> count: 7, decl: vmalloc; num: 1; context: fndecl;
>>> /usr/src/xtables-addons-2.12/extensions/xt_geoip.o:/usr/src/xtables-addons-2.12/extensions/xt_geoip.ccicus.162_313
>>> max, count: 5, decl: size_overflow MARK_NO copy_user_generic 3; num:
>>> 0; context: attr;
>>> /usr/src/xtables-addons-2.12/extensions/xt_geoip.ko:cicus.162_313 max,
>>> count: 7, decl: vmalloc; num: 1; context: fndecl;
>>> /usr/src/xtables-addons-2.12/extensions/xt_geoip.ko:/usr/src/xtables-addons-2.12/extensions/xt_geoip.ccicus.162_313
>>> max, count: 5, decl: size_overflow MARK_NO copy_user_generic 3; num:
>>> 0; context: attr;
>>>
>>> You can maybe draw inspiration for resolving this from "vmalloc_usercopy" in
>>> PAX_USERCOPY from PaX/Grsecurity.
>>
>> This is out of tree code, Cc'ing Jan, who maintains this.
>
> What is cicus and what are these messages supposed to tell me?

This comes from the size_overflow plugin:
https://github.com/ephox-gcc-plugins/size_overflow

That said, I'm not an expert; I just detected this:
grep -ai size_overflow "xt_geoip.ko"
/usr/src/xtables-addons-2.12/extensions/xt_geoip.ccicus.162_313 max, count: 5, decl: # size_overflow MARK_NO copy_user_generic 3; num: 0; context: attr;

--
Best regards,

Loic