lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1448578076.18647.37.camel@perches.com>
Date:	Thu, 26 Nov 2015 14:47:56 -0800
From:	Joe Perches <joe@...ches.com>
To:	Julia Lawall <julia.lawall@...6.fr>,
	Al Viro <viro@...IV.linux.org.uk>, lkp <lkp@...el.com>,
	Fengguang Wu <fengguang.wu@...el.com>
Cc:	Theodore Ts'o <tytso@....edu>, linux-ext4@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fix an endianness bug in ext4_encrypted_follow_link()

On Thu, 2015-11-26 at 22:28 +0100, Julia Lawall wrote:
> On Thu, 26 Nov 2015, Al Viro wrote:
> > On Thu, Nov 26, 2015 at 11:40:37AM -0800, Joe Perches wrote:
> > (cc'ing Julia Lawall)
> > > On Thu, 2015-11-26 at 15:27 +0000, Al Viro wrote:
> > > applying le32_to_cpu() to 16bit value is a bad idea...
> > Julia, perhaps you or your crew could produce a coccinelle test
> > for this class of error?
> What's wrong with something like make C=2 CF=-D__CHECK_ENDIAN__ fs/ext4/ ?
> Worked just fine, TYVM -
> sparse does locate them...

Nothing at all.

> As long as the code of interest is getting compiled in the current
> configuration, relying on the compiler for this seems like a better choice.

Sparse isn't the compiler, but that would be fine by me
as long as something can catch them.

The original commit (f348c252320b9) was from April.
Isn't the kbuild robot using sparse and __CHECK_ENDIAN__?

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ