| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jan 2022 13:54:04 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Kees Cook <keescook@...omium.org>
Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>,
Viresh Kumar <vireshk@...nel.org>,
Johan Hovold <johan@...nel.org>, Alex Elder <elder@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
greybus-dev@...ts.linaro.org, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] staging: greybus: i2c: Use struct_size() helper in
gb_i2c_operation_create()
On Mon, Jan 24, 2022 at 12:19:03PM -0800, Kees Cook wrote:
> This could still overflow if struct_size() returns SIZE_MAX. Perhaps:
>
> if (check_add_overflow(struct_size(request, ops, msg_count),
> data_out_size, &request_size))
> request_size = SIZE_MAX;
>
> I should brush off the saturating arithmetic helpers series:
> https://lore.kernel.org/all/20210920180853.1825195-1-keescook@chromium.org/
Yes, please! Those seem like a million times easier to use.
regards,
dan carpenter
Powered by blists - more mailing lists