| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c06da705-3151-0902-066a-92d2e7c558bd@kernel.dk>
Date: Fri, 2 Oct 2020 17:58:33 -0600
From: Jens Axboe <axboe@...nel.dk>
To: "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc: linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org, Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH][next] block: scsi_ioctl: Avoid the use of one-element
arrays
On 10/2/20 6:03 PM, Gustavo A. R. Silva wrote:
> On Fri, Oct 02, 2020 at 05:53:05PM -0600, Jens Axboe wrote:
>> On 10/2/20 5:10 PM, Gustavo A. R. Silva wrote:
>>> diff --git a/include/uapi/linux/cdrom.h b/include/uapi/linux/cdrom.h
>>> index 2817230148fd..6c34f6e2f1f7 100644
>>> --- a/include/uapi/linux/cdrom.h
>>> +++ b/include/uapi/linux/cdrom.h
>>> @@ -289,7 +289,10 @@ struct cdrom_generic_command
>>> unsigned char data_direction;
>>> int quiet;
>>> int timeout;
>>> - void __user *reserved[1]; /* unused, actually */
>>> + union {
>>> + void __user *reserved[1]; /* unused, actually */
>>> + void __user *unused;
>>> + };
>>
>> What's the point of this union, why not just turn it into
>>
>> void * __user *unused;
>>
>> ?
>
> I just don't want to take any chances of breaking any user-space
> application that, for some reason, may be considering that field.
I guess that's a valid concern, who knows what applications are doing
to an ignored field.
I'll apply it, thanks.
--
Jens Axboe
Powered by blists - more mailing lists