Re: [PATCH v2] KEYS: DNS: limit the length of option strings
On Mon, Apr 02, 2018 at 12:20:35PM -0700, Eric Biggers wrote: > On Fri, Mar 23, 2018 at 01:21:22PM -0700, Eric Biggers wrote: > > On Mon, Mar 12, 2018 at 10:57:07AM -0700, Eric Biggers wrote: > > > On Wed, Mar 07, 2018 at 03:54:37PM +, David Howells wrote: > > > > Eric Biggerswrote: > > > > > > > > > Fix it by limiting option strings (combined name + value) to a much > > > > > more > > > > > reasonable 128 bytes. The exact limit is arbitrary, but currently the > > > > > only recognized option is formatted as "dnserror=%lu" which fits well > > > > > within this limit. > > > > > > > > There will be more options coming ("ipv4", "ipv6") but they shouldn't > > > > overrun > > > > this limit and we can always extend the limit if need be. > > > > > > > > David > > > > > > David (Howells) do you want to take this patch through the keyrings tree > > > or > > > should I ask David Miller to take it through net-next? > > > > > > Eric > > > > Ping. > > Ping again. Times up. I'll resend for net-next. Eric
Re: [PATCH v2] KEYS: DNS: limit the length of option strings
On Fri, Mar 23, 2018 at 01:21:22PM -0700, Eric Biggers wrote: > On Mon, Mar 12, 2018 at 10:57:07AM -0700, Eric Biggers wrote: > > On Wed, Mar 07, 2018 at 03:54:37PM +, David Howells wrote: > > > Eric Biggerswrote: > > > > > > > Fix it by limiting option strings (combined name + value) to a much more > > > > reasonable 128 bytes. The exact limit is arbitrary, but currently the > > > > only recognized option is formatted as "dnserror=%lu" which fits well > > > > within this limit. > > > > > > There will be more options coming ("ipv4", "ipv6") but they shouldn't > > > overrun > > > this limit and we can always extend the limit if need be. > > > > > > David > > > > David (Howells) do you want to take this patch through the keyrings tree or > > should I ask David Miller to take it through net-next? > > > > Eric > > Ping. Ping again.
Re: [PATCH v2] KEYS: DNS: limit the length of option strings
On Mon, Mar 12, 2018 at 10:57:07AM -0700, Eric Biggers wrote: > On Wed, Mar 07, 2018 at 03:54:37PM +, David Howells wrote: > > Eric Biggerswrote: > > > > > Fix it by limiting option strings (combined name + value) to a much more > > > reasonable 128 bytes. The exact limit is arbitrary, but currently the > > > only recognized option is formatted as "dnserror=%lu" which fits well > > > within this limit. > > > > There will be more options coming ("ipv4", "ipv6") but they shouldn't > > overrun > > this limit and we can always extend the limit if need be. > > > > David > > David (Howells) do you want to take this patch through the keyrings tree or > should I ask David Miller to take it through net-next? > > Eric Ping.
Re: [PATCH v2] KEYS: DNS: limit the length of option strings
On Wed, Mar 07, 2018 at 03:54:37PM +, David Howells wrote: > Eric Biggerswrote: > > > Fix it by limiting option strings (combined name + value) to a much more > > reasonable 128 bytes. The exact limit is arbitrary, but currently the > > only recognized option is formatted as "dnserror=%lu" which fits well > > within this limit. > > There will be more options coming ("ipv4", "ipv6") but they shouldn't overrun > this limit and we can always extend the limit if need be. > > David David (Howells) do you want to take this patch through the keyrings tree or should I ask David Miller to take it through net-next? Eric
Re: [PATCH v2] KEYS: DNS: limit the length of option strings
Eric Biggerswrote: > Fix it by limiting option strings (combined name + value) to a much more > reasonable 128 bytes. The exact limit is arbitrary, but currently the > only recognized option is formatted as "dnserror=%lu" which fits well > within this limit. There will be more options coming ("ipv4", "ipv6") but they shouldn't overrun this limit and we can always extend the limit if need be. David