lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 18 Dec 2011 14:44:24 -0800 (PST)
From:	David Rientjes <rientjes@...gle.com>
To:	Ryota Ozaki <ozaki.ryota@...il.com>
cc:	linux-kernel@...r.kernel.org, Greg Kroah-Hartman <gregkh@...e.de>,
	linux-mm@...ck.org, stable@...nel.org
Subject: Re: [PATCH][RESEND] mm: Fix off-by-one bug in print_nodes_state

On Sun, 18 Dec 2011, Ryota Ozaki wrote:

> /sys/devices/system/node/{online,possible} involve a garbage byte
> because print_nodes_state returns content size + 1. To fix the bug,
> the patch changes the use of cpuset_sprintf_cpulist to follow the
> use at other places, which is clearer and safer.
> 

It's not a garbage byte, sysdev files use a buffer created with 
get_zeroed_page(), so extra byte is guaranteed to be zero since 
nodelist_scnprintf() won't write to it.  So the issue here is that 
print_nodes_state() returns a size that is off by one according to 
ISO C99 although it won't cause a problem in practice.

> This bug was introduced since v2.6.24.
> 

It's not a bug, the result of a 4-node system would be "0-3\n\0" and 
returns 5 correctly.  You can verify this very simply with strace.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ