| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Jan 2009 13:25:22 +0300 From: Cyrill Gorcunov <gorcunov@...il.com> To: Ingo Molnar <mingo@...e.hu> Cc: hpa@...or.com, linux-kernel@...r.kernel.org, tglx@...utronix.de, Len Brown <lenb@...nel.org> Subject: Re: [patch 3/3] acpi: check for pxm_to_node_map overflow [Ingo Molnar - Fri, Jan 02, 2009 at 10:23:30AM +0100] | | * Cyrill Gorcunov <gorcunov@...il.com> wrote: | | > It is hardly (if ever) possible but in case of broken _PXM | > entry we could reach out of pxm_to_node_map array | > bounds in acpi_map_pxm_to_node() call. Lets check it | > (it's not that expensive and safe). | > | > Signed-off-by: Cyrill Gorcunov <gorcunov@...nvz.org> | > CC: Len Brown <lenb@...nel.org> | > --- | > drivers/acpi/numa.c | 2 +- | > 1 file changed, 1 insertion(+), 1 deletion(-) | | just curious - how did you find this - code review or some tool help like | Sparse output or a compiler warning? | | Ingo | Unfortunately -- by reading the code :( I would prefer if gcc or sparse complain about it but we have indirect referring which is that hard to trace by any tool I believe (until say some emulator but even if we have such kind of tool we would need to tell it that 'there we have boundries we shouldn't cross)'. But to be fair -- I didn't try sparse here maybe it does complain :) - Cyrill - -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists