lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 8 Oct 2007 15:02:53 +0800
From:	WANG Cong <xiyou.wangcong@...il.com>
To:	Dave Young <hidave.darkstar@...il.com>
Cc:	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
	gregkh@...e.de
Subject: Re: [PATCH] param_sysfs_builtin memchr argument fix

On Mon, Oct 08, 2007 at 02:50:10PM +0800, Dave Young wrote:
>If memchr argument is longer than strlen(kp->name), there will be some
>weird result. 
>
>Signed-off-by: Dave Young <hidave.darkstar@...il.com> 
>
>---
>params.c |   10 ++++++++--
>1 file changed, 8 insertions(+), 2 deletions(-)


Hmm, you used diffstat without -p1?


>
>diff -upr linux/kernel/params.c linux.new/kernel/params.c
>--- linux/kernel/params.c	2007-10-08 14:30:06.000000000 +0800
>+++ linux.new/kernel/params.c	2007-10-08 14:31:22.000000000 +0800
>@@ -592,15 +592,21 @@ static void __init param_sysfs_builtin(v
> 
> 	for (i=0; i < __stop___param - __start___param; i++) {
> 		char *dot;
>+		int kplen;
> 
> 		kp = &__start___param[i];
>+		kplen = strlen(kp->name);

strlen() returns a size_t value, which is unsigned. ;)

> 
> 		/* We do not handle args without periods. */
>-		dot = memchr(kp->name, '.', MAX_KBUILD_MODNAME);
>+		if (kplen > MAX_KBUILD_MODNAME) {
>+			DEBUGP("kernel parameter %s is too long\n", kp->name);
>+			continue;
>+		}
>+		dot = memchr(kp->name, '.', kplen);
> 		if (!dot) {
> 			DEBUGP("couldn't find period in %s\n", kp->name);
> 			continue;
>-		}
>+		} 

You add an extra whitespace in the end of the line.


-- 
I try to say goodbye and I choke.
I try to walk away and I stumble.
I play it off, but I’m dreaming of you.
Though I try to hide it, it’s clear that
my world crumbles when you are not here.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ