lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Jan 2022 13:16:51 -0800 From: Nick Desaulniers <ndesaulniers@...gle.com> To: Kees Cook <keescook@...omium.org> Cc: Rasmus Villemoes <linux@...musvillemoes.dk>, "Gustavo A . R . Silva" <gustavoars@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Jason Gunthorpe <jgg@...pe.ca>, Leon Romanovsky <leon@...nel.org>, Keith Busch <kbusch@...nel.org>, Len Baker <len.baker@....com>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH 1/2] overflow: Implement size_t saturating arithmetic helpers On Mon, Jan 24, 2022 at 1:13 PM Kees Cook <keescook@...omium.org> wrote: > > What I'd really like is a "store this in a size_t" check to catch dumb > storage size problems (or related overflows). In other words: > > size_t big1 = 2147483647; > size_t big2 = 2147483647; > > /* Doesn't overflow, but 4611686014132420609 becomes a 1 for int */ > int size = size_mul(big1, big2); > ... > ptr = kmalloc(size, GFP_KERNEL); /* Allocates a 1 instead... */ -Wshorten-64-to-32 ? -- Thanks, ~Nick Desaulniers
Powered by blists - more mailing lists