[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH RESEND v3] nbd_genl_status: null check for nla_nest_start

Thanks for the reply.

On Thu, Mar 23, 2023 at 04:51:17PM -0600, Jens Axboe <axboe@kernel.dk> wrote:
> So please don't mix CVEs into any of this, they don't matter one bit.

Do not shoot the messenger.

(But I'll refrain from that numeric reference to disincentivize such
trophy collecting.)

> Never have, and never will. What's important is how the bug can be
> triggered.

From my perspective it's pragmatic better-safe-than-sorry -- a proof may
be conceived that rules out any triggering condition, it's less work to
put the guard in though.

My .02€,

Attachment: signature.asc
Description: PGP signature

Reply to: