| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Jan 2022 13:16:51 -0800
From: Nick Desaulniers <ndesaulniers@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>,
"Gustavo A . R . Silva" <gustavoars@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Jason Gunthorpe <jgg@...pe.ca>,
Leon Romanovsky <leon@...nel.org>,
Keith Busch <kbusch@...nel.org>, Len Baker <len.baker@....com>,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 1/2] overflow: Implement size_t saturating arithmetic helpers
On Mon, Jan 24, 2022 at 1:13 PM Kees Cook <keescook@...omium.org> wrote:
>
> What I'd really like is a "store this in a size_t" check to catch dumb
> storage size problems (or related overflows). In other words:
>
> size_t big1 = 2147483647;
> size_t big2 = 2147483647;
>
> /* Doesn't overflow, but 4611686014132420609 becomes a 1 for int */
> int size = size_mul(big1, big2);
> ...
> ptr = kmalloc(size, GFP_KERNEL); /* Allocates a 1 instead... */
-Wshorten-64-to-32
?
--
Thanks,
~Nick Desaulniers
Powered by blists - more mailing lists