[LTP] [PATCH v2 3/3] Add test for CVE 2017-1000111
Martin Doucha
mdoucha@suse.cz
Mon May 25 16:50:37 CEST 2020
On 25. 05. 20 16:15, Petr Vorel wrote:
> Hi Martin,
>
>> +static void setup(void)
>> +{
>> + int real_uid = getuid();
>> + int real_gid = getgid();
>
> Don't we want to add here taint check (you had it in v1)?
> tst_taint_init(TST_TAINT_W | TST_TAINT_D);
Taint check is meaningless in this test because the only ill effect from
the race condition is that all incoming packets will be truncated to 0
bytes. Somebody would have to horribly break the code for receiving
incoming packets in order to turn this bug into something that can
actually taint the kernel.
--
Martin Doucha mdoucha@suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
More information about the ltp
mailing list