lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 01 Jul 2015 14:25:35 +0800
From:	Pan Xinhui <xinhuix.pan@...el.com>
To:	Frans Klaver <fransklaver@...il.com>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Yury Norov <yury.norov@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Rasmus Villemoes <linux@...musvillemoes.dk>, tj@...nel.org,
	Peter Zijlstra <peterz@...radead.org>, sudeep.holla@....com,
	mina86@...a86.com, "mnipxh@....com" <mnipxh@....com>,
	Alexey Klimov <klimov.linux@...il.com>,
	"yanmin_zhang@...ux.intel.com" <yanmin_zhang@...ux.intel.com>
Subject: Re: [PATCH V2] lib/bitmap.c: fix some parsing issues and code style

hello, Frans
	thanks for your reply :)

On 2015年07月01日 14:17, Frans Klaver wrote:
> On Wed, Jul 1, 2015 at 6:15 AM, Pan Xinhui <xinhuix.pan@...el.com> wrote:
>>
>> In __bitmap_parselist we can accept whitespaces on head or tail
>> during every parsing procedure.
>> If input has valid ranges, there is no reason to reject the user.
>>
>> fixes are:
>> 1) if input ends with ',', bit 0 might be set unexpectedly.
>> now we check if any digit is available after every loop.
>> 2) if input has '0-', bit 0 might be set unexpectedly,
>> now we return -EINVAL as this kind of input is definitely wrong.
>> 3) minor code style fix in __bitmap_parse.
>> and avoid in-loop incrementation of ndigits.
>
> Why not three patches, so it becomes easier to see which is which?
>
your advice sounds good, I will have a try. and welcome for review. :)
thanks.

>
>> commit 2528a8b also add some check, but it's still not enough.
>> it only correct the result in fix 1 above.
>
> I believe the convention is to have at least 12 characters of the
> sha1, with the title behind it: 2528a8b8f457 (__bitmap_parselist: fix
> bug in empty string handling). Using only seven characters still risks
> collisions.
>
sorry for my lack knowledge of comment rules. thanks for pointing out my mistakes.

thanks
xinhui

> Thanks,
> Frans
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ