lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 5 Jun 2015 10:22:57 +0530
From:	Sudip Mukherjee <sudipm.mukherjee@...il.com>
To:	Joe Perches <joe@...ches.com>
Cc:	Thomas Petazzoni <thomas.petazzoni@...e-electrons.com>,
	Noralf Trønnes <noralf@...nnes.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] staging: fbtft: fix out of bound access

On Thu, Jun 04, 2015 at 01:48:31PM -0700, Joe Perches wrote:
> On Thu, 2015-06-04 at 19:04 +0530, Sudip Mukherjee wrote:
> > str was 16 bytes but was mentioned as 128 in snprintf.
> > again msg is 128 bytes but not sufficient to hold the complete debug
> > message of register values.
> > Now removed the use of str, msg and print the register values from the
> > loop.
> []
> > v2: removed the use of msg and str.
> 
> It's nice to cc the people that give you suggestions when
> you send a new version of a patch.
oops, i thought but apparently i forgot while sending.
actuially I was going through one of your advise you gave long ago
(https://lkml.org/lkml/2014/10/11/85) , and I was trying to find
out the effects of that on the way i have done the v2 and I changed
it again to arrive at the posted patch. While doing all these, ccing
you just slipped out of my mind. sorry again.
> 
> > diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c
> []
> > @@ -1067,8 +1067,6 @@ static int fbtft_init_display_dt(struct fbtft_par *par)
> >  	const __be32 *p;
> >  	u32 val;
> >  	int buf[64], i, j;
> []
> >  			par->fbtftops.write_register(par, i,
> >  				buf[0], buf[1], buf[2], buf[3],
> 
> It seems there are only 2 callers of (*write_register)()
> and the arguments are always an in-order array int[64]
> 
> Maybe it'd be nicer to change the prototypes of the
> write_register functions to take a const int * 
> instead of pushing 64 ints on the stack.
yes, I will send it as a separate patch as that is another change.

regards
sudip

> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ