lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <169601489953.3012131.13922425518082792309.b4-ty@chromium.org> Date: Fri, 29 Sep 2023 12:14:59 -0700 From: Kees Cook <keescook@...omium.org> To: Pierre-Louis Bossart <pierre-louis.bossart@...ux.intel.com>, Liam Girdwood <lgirdwood@...il.com>, Peter Ujfalusi <peter.ujfalusi@...ux.intel.com>, Bard Liao <yung-chuan.liao@...ux.intel.com>, Ranjani Sridharan <ranjani.sridharan@...ux.intel.com>, Daniel Baluta <daniel.baluta@....com>, Kai Vehmanen <kai.vehmanen@...ux.intel.com>, Mark Brown <broonie@...nel.org>, Jaroslav Kysela <perex@...ex.cz>, Takashi Iwai <tiwai@...e.com>, "Gustavo A. R. Silva" <gustavoars@...nel.org> Cc: Kees Cook <keescook@...omium.org>, sound-open-firmware@...a-project.org, alsa-devel@...a-project.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH][next] ASoC: SOF: ipc4-topology: Use size_add() in call to struct_size() On Fri, 15 Sep 2023 13:09:11 -0600, Gustavo A. R. Silva wrote: > If, for any reason, the open-coded arithmetic causes a wraparound, > the protection that `struct_size()` adds against potential integer > overflows is defeated. Fix this by hardening call to `struct_size()` > with `size_add()`. > > Applied to for-next/hardening, thanks! [1/1] ASoC: SOF: ipc4-topology: Use size_add() in call to struct_size() https://git.kernel.org/kees/c/93d2858dd630 Take care, -- Kees Cook
Powered by blists - more mailing lists