Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
From: Theodore Ts'o Date: Wed, 12 Feb 2014 17:40:58 -0500 > Would it be possible to set up a new mailing list on vger.kernel.org, > linux-cover...@vger.kernel.org? Done. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 01:41:12PM -0800, Kees Cook wrote: > On Wed, Feb 12, 2014 at 09:31:51PM +, ty...@mit.edu wrote: > > I'm paying attention to Linux kernel coverity reports (as well as > > working on my goal to drive the number of e2fsprogs coverity reports > > to zero :-), so feel free to CC me on any reports. > > Okay, 3 people sounds like "we need a mailing list". :) Who's best to > ask for that? +postmas...@vger.kernel.org Hi Dave, Matti, Would it be possible to set up a new mailing list on vger.kernel.org, linux-cover...@vger.kernel.org? Many thanks!! - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 09:31:51PM +, ty...@mit.edu wrote: > I'm paying attention to Linux kernel coverity reports (as well as > working on my goal to drive the number of e2fsprogs coverity reports > to zero :-), so feel free to CC me on any reports. Okay, 3 people sounds like "we need a mailing list". :) Who's best to ask for that? -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 01:05:54PM -0800, Kees Cook wrote: > > I'd be up for it. It's why I CC'd you, I figured if I'd missed the > report it would have likely have come from you. :) Perhaps just start > by CCing each other, and if others want to get in on the fun too, move > to a list then? I'm paying attention to Linux kernel coverity reports (as well as working on my goal to drive the number of e2fsprogs coverity reports to zero :-), so feel free to CC me on any reports. Cheers, - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 04:03:47PM -0500, Dave Jones wrote: > I wonder if it's worth getting a cover...@vger.kernel.org list set up for > cc'ing stuff like this to reduce dupe reports (though this is the first I > recall in a while), and for review of patches etc before forwarding them on > to their relevant list/maintainers. > > thoughts? I'd be up for it. It's why I CC'd you, I figured if I'd missed the report it would have likely have come from you. :) Perhaps just start by CCing each other, and if others want to get in on the fun too, move to a list then? -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 12:54:53PM -0800, Kees Cook wrote: > On Wed, Feb 12, 2014 at 03:50:37PM -0500, Dave Jones wrote: > > On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: > > > Hi, > > > > > > This seems like a legit problem detected by Coverity. Looks like a > > break is > > > missing? > > > > yup, reported this morning. > > (Also note that I changed the state in coverity once Patrick confirmed it) > > Ah, sorry for the noise then! I missed Dave's earlier the bug report email. I wonder if it's worth getting a cover...@vger.kernel.org list set up for cc'ing stuff like this to reduce dupe reports (though this is the first I recall in a while), and for review of patches etc before forwarding them on to their relevant list/maintainers. thoughts? Dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 03:50:37PM -0500, Dave Jones wrote: > On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: > > Hi, > > > > This seems like a legit problem detected by Coverity. Looks like a break is > > missing? > > yup, reported this morning. > (Also note that I changed the state in coverity once Patrick confirmed it) Ah, sorry for the noise then! I missed Dave's earlier the bug report email. -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in "nf_tables: add reject module for NFPROTO_INET"
On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: > Hi, > > This seems like a legit problem detected by Coverity. Looks like a break is > missing? yup, reported this morning. (Also note that I changed the state in coverity once Patrick confirmed it) Dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
flaw in "nf_tables: add reject module for NFPROTO_INET"
Hi,
This seems like a legit problem detected by Coverity. Looks like a break is
missing?
-Kees
On Tue, Feb 11, 2014 at 11:34:33PM -0800, scan-ad...@coverity.com wrote:
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to Linux found with
> Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 1171942: Missing break in switch (MISSING_BREAK)
> /net/netfilter/nft_reject_inet.c: 25 in nft_reject_inet_eval()
>
>
>
> *** CID 1171942: Missing break in switch (MISSING_BREAK)
> /net/netfilter/nft_reject_inet.c: 25 in nft_reject_inet_eval()
> 19 struct nft_data data[NFT_REG_MAX + 1],
> 20 const struct nft_pktinfo *pkt)
> 21 {
> 22switch (pkt->ops->pf) {
> 23case NFPROTO_IPV4:
> 24nft_reject_ipv4_eval(expr, data, pkt);
> >>> CID 1171942: Missing break in switch (MISSING_BREAK)
> >>> The above case falls through to this one.
> 25case NFPROTO_IPV6:
> 26nft_reject_ipv6_eval(expr, data, pkt);
> 27}
> 28 }
> 29
> 30 static struct nft_expr_type nft_reject_inet_type;
--
Kees Cook@outflux.net
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
flaw in nf_tables: add reject module for NFPROTO_INET
Hi,
This seems like a legit problem detected by Coverity. Looks like a break is
missing?
-Kees
On Tue, Feb 11, 2014 at 11:34:33PM -0800, scan-ad...@coverity.com wrote:
Hi,
Please find the latest report on new defect(s) introduced to Linux found with
Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1171942: Missing break in switch (MISSING_BREAK)
/net/netfilter/nft_reject_inet.c: 25 in nft_reject_inet_eval()
*** CID 1171942: Missing break in switch (MISSING_BREAK)
/net/netfilter/nft_reject_inet.c: 25 in nft_reject_inet_eval()
19 struct nft_data data[NFT_REG_MAX + 1],
20 const struct nft_pktinfo *pkt)
21 {
22switch (pkt-ops-pf) {
23case NFPROTO_IPV4:
24nft_reject_ipv4_eval(expr, data, pkt);
CID 1171942: Missing break in switch (MISSING_BREAK)
The above case falls through to this one.
25case NFPROTO_IPV6:
26nft_reject_ipv6_eval(expr, data, pkt);
27}
28 }
29
30 static struct nft_expr_type nft_reject_inet_type;
--
Kees Cook@outflux.net
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: Hi, This seems like a legit problem detected by Coverity. Looks like a break is missing? yup, reported this morning. (Also note that I changed the state in coverity once Patrick confirmed it) Dave -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 03:50:37PM -0500, Dave Jones wrote: On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: Hi, This seems like a legit problem detected by Coverity. Looks like a break is missing? yup, reported this morning. (Also note that I changed the state in coverity once Patrick confirmed it) Ah, sorry for the noise then! I missed Dave's earlier the bug report email. -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 12:54:53PM -0800, Kees Cook wrote: On Wed, Feb 12, 2014 at 03:50:37PM -0500, Dave Jones wrote: On Wed, Feb 12, 2014 at 12:43:08PM -0800, Kees Cook wrote: Hi, This seems like a legit problem detected by Coverity. Looks like a break is missing? yup, reported this morning. (Also note that I changed the state in coverity once Patrick confirmed it) Ah, sorry for the noise then! I missed Dave's earlier the bug report email. I wonder if it's worth getting a cover...@vger.kernel.org list set up for cc'ing stuff like this to reduce dupe reports (though this is the first I recall in a while), and for review of patches etc before forwarding them on to their relevant list/maintainers. thoughts? Dave -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 04:03:47PM -0500, Dave Jones wrote: I wonder if it's worth getting a cover...@vger.kernel.org list set up for cc'ing stuff like this to reduce dupe reports (though this is the first I recall in a while), and for review of patches etc before forwarding them on to their relevant list/maintainers. thoughts? I'd be up for it. It's why I CC'd you, I figured if I'd missed the report it would have likely have come from you. :) Perhaps just start by CCing each other, and if others want to get in on the fun too, move to a list then? -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 01:05:54PM -0800, Kees Cook wrote: I'd be up for it. It's why I CC'd you, I figured if I'd missed the report it would have likely have come from you. :) Perhaps just start by CCing each other, and if others want to get in on the fun too, move to a list then? I'm paying attention to Linux kernel coverity reports (as well as working on my goal to drive the number of e2fsprogs coverity reports to zero :-), so feel free to CC me on any reports. Cheers, - Ted -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 09:31:51PM +, ty...@mit.edu wrote: I'm paying attention to Linux kernel coverity reports (as well as working on my goal to drive the number of e2fsprogs coverity reports to zero :-), so feel free to CC me on any reports. Okay, 3 people sounds like we need a mailing list. :) Who's best to ask for that? -Kees -- Kees Cook@outflux.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
On Wed, Feb 12, 2014 at 01:41:12PM -0800, Kees Cook wrote: On Wed, Feb 12, 2014 at 09:31:51PM +, ty...@mit.edu wrote: I'm paying attention to Linux kernel coverity reports (as well as working on my goal to drive the number of e2fsprogs coverity reports to zero :-), so feel free to CC me on any reports. Okay, 3 people sounds like we need a mailing list. :) Who's best to ask for that? +postmas...@vger.kernel.org Hi Dave, Matti, Would it be possible to set up a new mailing list on vger.kernel.org, linux-cover...@vger.kernel.org? Many thanks!! - Ted -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: flaw in nf_tables: add reject module for NFPROTO_INET
From: Theodore Ts'o ty...@mit.edu Date: Wed, 12 Feb 2014 17:40:58 -0500 Would it be possible to set up a new mailing list on vger.kernel.org, linux-cover...@vger.kernel.org? Done. -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
