linux.git - Linux kernel mainline tree

diff options

author	Edward Cree <ecree@solarflare.com>	2017-12-18 20:11:53 -0800
committer	Daniel Borkmann <daniel@iogearbox.net>	2017-12-21 02:15:41 +0100
commit	4374f256ce8182019353c0c639bb8d0695b4c941 (patch)
tree	8cc5cc5ecf8b7b1414810542b540b9b7bb3831e6 /tools
parent	19c832ed9b8f7b49fa5eeef06b4338af5fe5c1dc (diff)
download	linux-4374f256ce8182019353c0c639bb8d0695b4c941.tar.gz linux-4374f256ce8182019353c0c639bb8d0695b4c941.tar.bz2 linux-4374f256ce8182019353c0c639bb8d0695b4c941.zip

bpf/verifier: fix bounds calculation on BPF_RSH

Incorrect signed bounds were being computed. If the old upper signed bound was positive and the old lower signed bound was negative, this could cause the new upper signed bound to be too low, leading to security issues. Fixes: b03c9f9fdc37 ("bpf/verifier: track signed and unsigned min/max values") Reported-by: Jann Horn <jannh@google.com> Signed-off-by: Edward Cree <ecree@solarflare.com> Acked-by: Alexei Starovoitov <ast@kernel.org> [jannh@google.com: changed description to reflect bug impact] Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

Diffstat (limited to 'tools')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: