| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Feb 2018 00:17:55 +0100
From: Robert Abel <rabel@...ertabel.eu>
To: Andy Shevchenko <andy.shevchenko@...il.com>,
Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Cc: Willy Tarreau <w@....eu>,
Geert Uytterhoeven <geert@...ux-m68k.org>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/3] auxdisplay: charlcd: fix hex literal ranges for
graphics command
On 13 Feb 2018 14:36, Andy Shevchenko wrote:
> I understand that we have a huge and hopefully nice library in the
> kernel, but the question still the same, what prevents a developer or
> maintainer to look at it from time to time?
>
> For, I dare to say, ages we have hex_to_bin() and hex2bin().
> Can we use it?
hex_to_bin look fine to me, although personally I'm not a big fan of its
use of tolower.
The current parser implementation is much more lenient than hex2bin,
however. hex2bin won't parse strings containing illegal characters
(which are currently skipped) or hexadecimal strings with an odd number
of digits (which are currently allowed and the final digit will be ignored).
I noticed the only part of the code that does make use of library
functions, parsing x and y coordinates using kstrtoul, is broken.
Apparently it used to use simple_strtoul, which worked and then got
replaced. So apparently looking over the kernel lib from time to time
can also do some harm ;)
Patch incoming :)
Regards,
Robert
Powered by blists - more mailing lists