| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Mar 2018 08:45:19 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Petr Mladek <pmladek@...e.com>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
"Tobin C . Harding" <me@...in.cc>, Joe Perches <joe@...ches.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Michal Hocko <mhocko@...e.cz>
Subject: Re: [PATCH] vsprintf: Make "null" pointer dereference more robust
On Thu, Mar 8, 2018 at 6:18 AM, Petr Mladek <pmladek@...e.com> wrote:
> On Wed 2018-03-07 10:34:17, Linus Torvalds wrote:
>>
>> Guess what happens now to any crash report if it uses %p and there is
>> anything wrong with the VM?
>
> This patch does _not_ affect plain %p, %px, and %pK!
Umm. Look again. It _does_ affect plain %p.
You're correct that it doesn't affect %px and %pK, since those never
printed out (null) in the first place.
> It affects %s and %p* modifiers that need to read data from the
> given address.
_If_ that was what the patch did, it would be fine.
But it isn't.
It not only affects %p, but it also affects %pS and friends (sSfFB),
that do not access the location (well, on some architectures those
might, to dereference a function descriptor, but then they will check
the address range).
So that patch really is completely broken for the reasons I outlined.
Now, if it was fixed to what you apparently *intended* to do, then
that would be ok.
Linus
Powered by blists - more mailing lists