lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080731194207.GA12233@anvil.corenet.prv>
Date:	Thu, 31 Jul 2008 15:42:07 -0400
From:	Dmitry Torokhov <dmitry.torokhov@...il.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	"Rafael J. Wysocki" <rjw@...k.pl>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Bartlomiej Zolnierkiewicz <bzolnier@...il.com>,
	Stephen Rothwell <sfr@...b.auug.org.au>,
	linux-next@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
	linux-input@...r.kernel.org
Subject: Re: linux-next: Tree for July 30

On Thu, Jul 31, 2008 at 03:24:02PM -0400, Dmitry Torokhov wrote:
> On Thu, Jul 31, 2008 at 12:10:40PM -0700, Linus Torvalds wrote:
> > 
> > Sorry, but you're simply wrong.
> > 
> > If somebody has the commit that broke user space, that commit will be 
> > _reverted_ unless it's fixed. It's that simple. The rules are: we don't 
> > knowingly break user space. 
> >
> 
> We have 3 options now:
> 
> 1. Never change KEY_MAX and dont add any new key definitions.
> 2. Introduce a new ioctl and have all wel-behaving programs rewritten
>    to support it.
> 3. Fix userspace driver (patch is available).
> 
> Gioventhe fact that I wanted that change to go when .28 opens and it
> will really hit users in 6+ months I'd still like to have 3.
>  

I guess we could do something like the below, but it is soooo ugly...

Input: paper over a bug in Synaptics X driver

Signed-off-by: Dmitry Torokhov <dtor@...l.ru>
---

 drivers/input/evdev.c |   14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c
index 2d65411..c78a63b 100644
--- a/drivers/input/evdev.c
+++ b/drivers/input/evdev.c
@@ -736,8 +736,10 @@ static long evdev_do_ioctl(struct file *file, unsigned int cmd,
 			if ((_IOC_NR(cmd) & ~EV_MAX) == _IOC_NR(EVIOCGBIT(0, 0))) {
 
 				unsigned long *bits;
+				unsigned int buf_len = _IOC_SIZE(cmd);
 				int len;
 
+
 				switch (_IOC_NR(cmd) & EV_MAX) {
 
 				case      0: bits = dev->evbit;  len = EV_MAX;  break;
@@ -751,7 +753,17 @@ static long evdev_do_ioctl(struct file *file, unsigned int cmd,
 				case EV_SW:  bits = dev->swbit;  len = SW_MAX;  break;
 				default: return -EINVAL;
 				}
-				return bits_to_user(bits, len, _IOC_SIZE(cmd), p, compat_mode);
+
+				if ((_IOC_NR(cmd) & EV_MAX) == EV_KEY && buf_len == 0x1ff) {
+					printk(KERN_WARNING
+						"evdev.c(EVIOCGBIT): Detected suspicious "
+						"buffer size 0x1ff, limiting output to 64 "
+						"bytes. Make sure you are not using "
+						"EVIOCGBIT(EV_KEY, KEY_MAX)\n");
+					buf_len = 64; 
+				}
+
+				return bits_to_user(bits, len, buf_len, p, compat_mode);
 			}
 
 			if (_IOC_NR(cmd) == _IOC_NR(EVIOCGKEY(0)))
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ