lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202209140658.A471548@keescook> Date: Wed, 14 Sep 2022 06:59:24 -0700 From: Kees Cook <keescook@...omium.org> To: David Gow <davidgow@...gle.com> Cc: linux-hardening@...r.kernel.org, Nathan Chancellor <nathan@...nel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] fortify: Adjust KUnit test for modular build On Wed, Sep 14, 2022 at 06:13:59PM +0800, David Gow wrote: > On Wed, Sep 14, 2022 at 1:31 AM Kees Cook <keescook@...omium.org> wrote: > > > > A much better "unknown size" string pointer is available directly from > > struct test, so use that instead of a global that isn't shared with > > modules. > > > > Reported-by: Nathan Chancellor <nathan@...nel.org> > > Link: https://lore.kernel.org/lkml/YyCOHOchVuE/E7vS@dev-arch.thelio-3990X > > Fixes: 875bfd5276f3 ("fortify: Add KUnit test for FORTIFY_SOURCE internals") > > Cc: linux-hardening@...r.kernel.org > > Signed-off-by: Kees Cook <keescook@...omium.org> > > --- > > Whoops! Thanks Nathan! :) This fixes it for your reproducer. > > Ah, this is better than saved_command_line, IMO. I don't think it'd > necessarily be a _disaster_ to just introduce a new dynamically-sized > string here, which would be more explicit, but test->name is at least > obviously related to this file anyway. Yeah, and I'm trying to explicitly use a string that the compiler won't immediately be able to see through, so best to get it from an external source. > Reviewed-by: David Gow <davidgow@...gle.com> Thanks! -Kees -- Kees Cook
Powered by blists - more mailing lists