lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 1 Nov 2007 01:32:39 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Yinghai Lu <Yinghai.Lu@....COM>
Cc:	Greg Kroah-Hartman <gregkh@...e.de>,
	Gary Hade <gary.hade@...ibm.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	LKML <linux-kernel@...r.kernel.org>, linux-acpi@...r.kernel.org
Subject: Re: [PATCH] x86: check boundary in count/setup_resource called by
 get_current_resources

On Thu, 01 Nov 2007 01:20:29 -0700 Yinghai Lu <Yinghai.Lu@....COM> wrote:

> [PATCH] x86: check boundary in count/setup_resource called by get_current_resources
> 
> need to check info->res_num less than PCI_BUS_NUM_RESOURCES, so
> info->bus->resource[info->res_num] = res will not beyond of bus resource array
> when acpi resutrn too many resource entries.
> 

Isn't this a bit of a problem?  It sounds like PCI_BUS_NUM_RESOURCES is to
small for that system?  If so, some sort of dynamic allocation might be
needed.

> 
> Index: linux-2.6/arch/x86/pci/acpi.c
> ===================================================================
> --- linux-2.6.orig/arch/x86/pci/acpi.c
> +++ linux-2.6/arch/x86/pci/acpi.c
> @@ -77,9 +77,13 @@ count_resource(struct acpi_resource *acp
>  	struct acpi_resource_address64 addr;
>  	acpi_status status;
>  
> +	if (info->res_num >= PCI_BUS_NUM_RESOURCES)
> +		return AE_OK;
> +
>  	status = resource_to_addr(acpi_res, &addr);
>  	if (ACPI_SUCCESS(status))
>  		info->res_num++;
> +
>  	return AE_OK;
>  }

grump.  I don't know why people like a blank line before `return': it's
just a waste of screen space.  And the surrounding code in
arch/x86/pci/acpi.c doesn't do this either.

> @@ -93,6 +97,9 @@ setup_resource(struct acpi_resource *acp
>  	unsigned long flags;
>  	struct resource *root;
>  
> +	if (info->res_num >= PCI_BUS_NUM_RESOURCES)
> +		return AE_OK;

And should we really be silently ignoring this problem?  Should we at least
report it?

>  	status = resource_to_addr(acpi_res, &addr);
>  	if (!ACPI_SUCCESS(status))
>  		return AE_OK;
>  
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ