lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87357wp1h7.fsf@linux.ibm.com>
Date:   Fri, 27 Jan 2023 07:10:28 -0600
From:   Nathan Lynch <nathanl@...ux.ibm.com>
To:     Andrew Donnellan <ajd@...ux.ibm.com>, linuxppc-dev@...ts.ozlabs.org
Cc:     Leonardo Bras <leobras.c@...il.com>,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH] powerpc/rtas: Replace one-element arrays with flexible
 arrays

Andrew Donnellan <ajd@...ux.ibm.com> writes:
> Using a one-element array as a fake flexible array is deprecated.
>
> Replace the one-element flexible arrays in rtas-types.h with C99 standard
> flexible array members instead.
>
> This helps us move towards enabling -fstrict-flex-arrays=3 in future.
>
> Found using scripts/coccinelle/misc/flexible_array.cocci.
>
> Cc: Nathan Lynch <nathanl@...ux.ibm.com>
> Cc: Leonardo Bras <leobras.c@...il.com>
> Cc: linux-hardening@...r.kernel.org
> Link: https://github.com/KSPP/linux/issues/21
> Link: https://github.com/KSPP/linux/issues/79
> Signed-off-by: Andrew Donnellan <ajd@...ux.ibm.com>
> ---
>  arch/powerpc/include/asm/rtas-types.h | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/rtas-types.h b/arch/powerpc/include/asm/rtas-types.h
> index 8df6235d64d1..40ec03a05c0b 100644
> --- a/arch/powerpc/include/asm/rtas-types.h
> +++ b/arch/powerpc/include/asm/rtas-types.h
> @@ -44,7 +44,7 @@ struct rtas_error_log {
>  	 */
>  	u8		byte3;			/* General event or error*/
>  	__be32		extended_log_length;	/* length in bytes */
> -	unsigned char	buffer[1];		/* Start of extended log */
> +	unsigned char	buffer[];		/* Start of extended log */
>  						/* Variable length.      */
>  };
>  
> @@ -85,7 +85,7 @@ struct rtas_ext_event_log_v6 {
>  					/* that defines the format for	*/
>  					/* the vendor specific log type	*/
>  	/* Byte 16-end of log */
> -	u8 vendor_log[1];		/* Start of vendor specific log	*/
> +	u8 vendor_log[];		/* Start of vendor specific log	*/
>  					/* Variable length.		*/
>  };

I see at least one place that consults the size of one of these structs,
in get_pseries_errorlog():

	/* Check that we understand the format */
	if (ext_log_length < sizeof(struct rtas_ext_event_log_v6) || ...

Don't all such sites need to be audited/adjusted for changes like this?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ