lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110226073633.GA1753@polaris.bitmath.org>
Date:	Sat, 26 Feb 2011 08:36:33 +0100
From:	"Henrik Rydberg" <rydberg@...omail.se>
To:	Rafi Rubin <rafi@...s.upenn.edu>
Cc:	jkosina@...e.cz, linux-input@...r.kernel.org,
	linux-kernel@...r.kernel.org, micki@...rig.com, chatty@...c.fr,
	trivial@...nel.org, peter.hutterer@...-t.net
Subject: Re: [PATCH 1/2] HID: ntrig don't dereference unclaimed hidinput

Hi Rafi,

On Fri, Feb 25, 2011 at 12:15:31AM -0500, Rafi Rubin wrote:
> Moved the claimed input check before dereferencing field->hidinput to
> fix a reported invalid deference bug.

How long has this problem been seen? If it is recent, it should
perhaps be fixed in the hid core instead. If it turns out to be an old
problem, please add stable to the Cc.

> Switched to a goto instead of an extra indent for most of the function.

If you put these janitory changes into a separate patch, it will be
much easier to apply the bugfix to stable versions.

Thanks,
Henrik
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ