| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Jul 2009 09:08:06 +0800 From: Li Zefan <lizf@...fujitsu.com> To: Johannes Berg <johannes@...solutions.net> CC: linux-kernel <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>, Frederic Weisbecker <fweisbec@...il.com>, Steven Rostedt <rostedt@...dmis.org> Subject: Re: event tracing, ringbuffer and RB_MAX_SMALL_DATA Johannes Berg wrote: > Hi, > > By code inspection, I think there's a bug if your event contains only > > __dynamic_array(u8, buf, buflen) > > and your buflen is only, say, 3. Then the event size will be the common > event size (12 bytes) plus this, so 15, which is well below > RB_MAX_SMALL_DATA (4*28 = 112), so it'll be divided by four to be stored > into type_len. At this point, however, you've lost the information that > your dynamic array was only three bytes, and it'll be considered _four_ > bytes long by parsers as far as I can tell? > Right, the length of a dynamic array is not recorded, and this causes 2 problems: - the event filter is not working properly for dynamic strings - userspace parsers can't figure out the length of those arrays I had an idea some time ago, and hopefully will send out a patch today or tomorrow. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists