| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jul 2018 18:47:40 +0200
From: Dmitry Vyukov <dvyukov@...gle.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: syzbot+2a831e062bb4aebd8755@...kaller.appspotmail.com,
Eric Van Hensbergen <ericvh@...il.com>,
Ron Minnich <rminnich@...dia.gov>,
Latchesar Ionkov <lucho@...kov.net>,
Jens Axboe <axboe@...nel.dk>,
Bart Van Assche <bart.vanassche@....com>,
David Miller <davem@...emloft.net>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Network Development <netdev@...r.kernel.org>,
Sagi Grimberg <sagi@...mberg.me>,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
kasan-dev <kasan-dev@...glegroups.com>
Subject: Re: general protection fault in in_aton
On Tue, Jul 10, 2018 at 10:15 PM, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
> On Tue, Jul 10, 2018 at 12:57 PM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>>
>> Is it really hard to get fault address? I know that userspace
>> generally receives fault address in siginfo.
>
> For an actual page fault it's trivial.
>
> However, for invalid addresses (aka "non-canonical"), you don't even
> get a page fault, you get a GP like in this case. And then the actual
> address is not available.
I see. Then I don't have any great ideas. Running without KASAN would
result in more, much more cryptic crashes.
FWIW for these "GPF could be caused by NULL-ptr deref" I first just
assume that it's in fact a NULL deref. And in this case it all pretty
quickly forms a consistent picture that it's indeed just a missing a
NULL pointer check. That dffffc0000000000 in a register also a good
hint.
Powered by blists - more mailing lists