| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 26 Apr 2009 06:54:47 +0200 From: Németh Márton <nm127@...email.hu> To: Trent Piepho <xyzzy@...akeasy.org> CC: Mauro Carvalho Chehab <mchehab@...radead.org>, linux-media@...r.kernel.org, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] v4l2: fill the unused fields with zeros in case of VIDIOC_S_FMT Trent Piepho wrote: > On Sat, 25 Apr 2009, [UTF-8] Németh Márton wrote: >> The VIDIOC_S_FMT is a write-read ioctl: it sets the format and returns >> the current format in case of success. The parameter of VIDIOC_S_FMT >> ioctl is a pointer to struct v4l2_format. [1] This structure contains some >> fields which are not used depending on the .type value. These unused >> fields are filled with zeros with this patch. > > It's a union, so it's not really the case the the fields are unused. If > it's a non-private format, the structure will have some empty padding space > at the end of the structure after the last field for the format's type. Maybe I used the wrong word: my intention was to clear the unused padding bytes at the end of the fmt union. > Since it's just padding space and there are no fields defined, I don't > think we have to clear it. Think about a case when in a future kernel version one additional field is defined for example for struct v4l2_pix_format. Then an application is built with this extended structure. When the application runs on an older kernel then this new field will be not touched by the older kernel in other words the last field(s) of struct v4l2_pix_format will be uninitialized. The other reason why I think is useful to fill the padding bytes with zero is that this prevents doing dirty tricks between the application and the driver, for example communicating through padding bytes in case of a non-private format. >> struct v4l2_format *f = (struct v4l2_format *)arg; >> >> +#define CLEAR_UNUSED_FIELDS(data, last_member) \ >> + memset(((u8 *)f)+ \ >> + offsetof(struct v4l2_format, fmt)+ \ >> + sizeof(struct v4l2_ ## last_member), \ >> + 0, \ >> + sizeof(*f)- \ >> + offsetof(struct v4l2_format, fmt)+ \ >> + sizeof(struct v4l2_ ## last_member)) >> + > > What is "data" used for? The length in your memset is wrong. You didn't > run this through "make patch" did you? Because there are spacing/formatting > errors that that would have caught. Thank you for pointing out these problems. I'll send an update soon. I don't know anything about "make patch", but I have run the linux/scripts/checkpatch.pl against my patch and it found the patch OK. Regards, Márton Németh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists