lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090102102522.GA13629@localhost>
Date:	Fri, 2 Jan 2009 13:25:22 +0300
From:	Cyrill Gorcunov <gorcunov@...il.com>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	hpa@...or.com, linux-kernel@...r.kernel.org, tglx@...utronix.de,
	Len Brown <lenb@...nel.org>
Subject: Re: [patch 3/3] acpi: check for pxm_to_node_map overflow

[Ingo Molnar - Fri, Jan 02, 2009 at 10:23:30AM +0100]
| 
| * Cyrill Gorcunov <gorcunov@...il.com> wrote:
| 
| > It is hardly (if ever) possible but in case of broken _PXM
| > entry we could reach out of pxm_to_node_map array
| > bounds in acpi_map_pxm_to_node() call. Lets check it
| > (it's not that expensive and safe).
| > 
| > Signed-off-by: Cyrill Gorcunov <gorcunov@...nvz.org>
| > CC: Len Brown <lenb@...nel.org>
| > ---
| >  drivers/acpi/numa.c |    2 +-
| >  1 file changed, 1 insertion(+), 1 deletion(-)
| 
| just curious - how did you find this - code review or some tool help like 
| Sparse output or a compiler warning?
| 
| 	Ingo
| 

Unfortunately -- by reading the code :( I would prefer
if gcc or sparse complain about it but we have indirect
referring which is that hard to trace by any tool I believe
(until say some emulator but even if we have such kind of
tool we would need to tell it that 'there we have boundries
we shouldn't cross)'. But to be fair -- I didn't try sparse
here maybe it does complain :)

		- Cyrill -
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ