| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 04 Sep 2010 09:41:30 +0300 From: Adrian Hunter <adrian.hunter@...ia.com> To: Dan Carpenter <error27@...il.com> CC: Adrian Hunter <adrian.hunter@...ia.com>, linux-kernel@...r.kernel.org, Jens Axboe <axboe@...nel.dk> Subject: Re: does "block: add secure discard" cause an overflow? Dan Carpenter wrote: > This is the commit 8d57a98ccd0b44 "block: add secure discard". > > The patch adds a letter 'E' to the string in blk_fill_rwbs(). > if (rw & REQ_SECURE) > rwbs[i++] = 'E'; > > The problem is that "rwbs" is a 6 character buffer and if all the flags > are set the we'd get "WABSME" which would put us off the end (when you > add the NUL terminator). E goes with D which will not have either A or M, so there will not be a rwbs with E that has more than 5 characters. > > regards, > dan carpenter > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists