| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Aug 2016 15:34:07 +0300
From: Andrey Ryabinin <aryabinin@...tuozzo.com>
To: Alexander Potapenko <glider@...gle.com>
CC: Andrew Morton <akpm@...ux-foundation.org>,
Dave Jones <davej@...emonkey.org.uk>,
Vegard Nossum <vegard.nossum@...cle.com>,
"Sasha Levin" <alexander.levin@...izon.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
kasan-dev <kasan-dev@...glegroups.com>,
LKML <linux-kernel@...r.kernel.org>,
Linux Memory Management List <linux-mm@...ck.org>
Subject: Re: [PATCH 6/6] kasan: improve double-free reports.
On 08/02/2016 02:39 PM, Alexander Potapenko wrote:
>> +static void kasan_end_report(unsigned long *flags)
>> +{
>> + pr_err("==================================================================\n");
>> + add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE);
> Don't we want to add the taint as early as possible once we've
> detected the error?
What for?
It certainly shouldn't be before dump_stack(), otherwise on the first report the kernel will claimed as tainted.
>>
>> +void kasan_report_double_free(struct kmem_cache *cache, void *object,
>> + s8 shadow)
>> +{
>> + unsigned long flags;
>> +
>> + kasan_start_report(&flags);
>> + pr_err("BUG: Double free or corrupt pointer\n");
> How about "Double free or freeing an invalid pointer\n"?
> I think "corrupt pointer" doesn't exactly reflect where the bug is.
Ok
Powered by blists - more mailing lists