lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 25 Nov 2009 21:20:06 +0800
From:	"Liuweni" <qingshenlwy@...il.com>
To:	"Ingo Molnar" <mingo@...e.hu>
Cc:	"linux-kernel" <linux-kernel@...r.kernel.org>,
	"xgr178" <xgr178@....com>, "Jiri Kosina" <jkosina@...e.cz>
Subject: Re: [PATCH]irq/core:Add a length limitation

Hi Ingo,
    I don't know whether this situation happened in the past.
I upload this code for code Integrity. The WARN_ON is set on OFF, 
While anybody use it, and set it ON. 

Thank you for you suggestion.
I modify the code and use  scripts/checkpatch.pl and scripts/get_maintainer.pl
on the patch. Please have a check later.


--------------
Best Regards,
Liuweni
2009-11-25


发件人: Ingo Molnar 
发送时间: 2009-11-24  22:45:38 
收件人: Liuweni; Thomas Gleixner 
抄送: linux-kernel; xgr178; Jiri Kosina; qingshenlwy 
主题: Re: [PATCH]irq/core:Add a length limitation 
 
* Liuweni <qingshenlwy@...il.com> wrote:
> In the register_handler_proc(), the max length of irqaction->name is 
> MAX_NAMELEN. And this function will call name_unique() to compare name 
> with other irqs'.
>
> There is no any code for limitation the length. I add a warning in the 
> function to notice that the irqaction->name is too long.
> 
> Signed-off-by: Liuwenyi <qingshenlwy@...il.com>
> ---
> diff --git a/kernel/irq/proc.c b/kernel/irq/proc.c
> index 0832145..9ab6e04 100644
> --- a/kernel/irq/proc.c
> +++ b/kernel/irq/proc.c
> @@ -196,6 +196,9 @@ void register_handler_proc(unsigned int irq, struct irqaction *action)
>   char name [MAX_NAMELEN];
>   struct irq_desc *desc = irq_to_desc(irq);
>  
> + if(strlen(action->name) >= MAX_NAMELEN)
> + WARN_ON(1);
> +
Has this situation happened in the past that requires this check to be 
added? The current limit of 128 chars is quite generous. Also, the check 
is buggy, it's off by 1.
( Also, please use scripts/checkpatch.pl on patches and please use 
  'scripts/get_maintainer.pl -f kernel/irq/proc.c' when constructing Cc: 
  lines. )
Thanks,
Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ