lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120312130353.GF3337@mwanda>
Date:	Mon, 12 Mar 2012 16:03:53 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	KY Srinivasan <kys@...rosoft.com>
Cc:	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"ohering@...e.com" <ohering@...e.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"virtualization@...ts.osdl.org" <virtualization@...ts.osdl.org>,
	Alan Stern <stern@...land.harvard.edu>,
	"devel@...uxdriverproject.org" <devel@...uxdriverproject.org>
Subject: Re: [PATCH 2/4] Drivers: hv: Support the newly introduced KVP
 messages in the driver

On Mon, Mar 12, 2012 at 12:36:53PM +0000, KY Srinivasan wrote:
> Dan,
> I am sorry for not being as precise as I should be:
> utf16s_to_utf8s() takes two length parameters - the length of the utf16 string
> that is to be converted and the second the length of the utf8 output string.
> The windows host manipulates all string in utf16 encoding and the string we get
> from the host is guaranteed to be less than or equal to MAX value that we have
> including the terminating character. In my code, I simply pass the length of the 
> utf16 string as received from the host.
> 
> The parameter that I am currently passing MAX length value is the "maxout" 
> parameter of the utf16s_utf8s() function. This by definition is the size of the
> output buffer and in this case it happens to be MAX characters big.
> 

I also think I'm not being as clear as I should...  I understand
that you trust the input; I'm say that for correctness sake you
should specify a output size which leaves room for the NUL char.

I can't say I know this code very well so I could be wrong, but it's
what we do inside usb_string() for example.  Can someone who knows
the code check if we should do something like this:

diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c
index 3b2eeaa..3a97f52 100644
--- a/drivers/hv/hv_kvp.c
+++ b/drivers/hv/hv_kvp.c
@@ -173,7 +173,7 @@ kvp_send_key(struct work_struct *dummy)
 				in_msg->body.kvp_set.data.value_size,
 				UTF16_LITTLE_ENDIAN,
 				message->body.kvp_set.data.value,
-				HV_KVP_EXCHANGE_MAX_VALUE_SIZE) + 1;
+				HV_KVP_EXCHANGE_MAX_VALUE_SIZE - 1) + 1;
 				break;
 
 			case REG_U32:
@@ -208,7 +208,7 @@ kvp_send_key(struct work_struct *dummy)
 				in_msg->body.kvp_set.data.key_size,
 				UTF16_LITTLE_ENDIAN,
 				message->body.kvp_set.data.key,
-				HV_KVP_EXCHANGE_MAX_KEY_SIZE) + 1;
+				HV_KVP_EXCHANGE_MAX_KEY_SIZE - 1) + 1;
 
 			break;
 
@@ -219,7 +219,7 @@ kvp_send_key(struct work_struct *dummy)
 				in_msg->body.kvp_delete.key_size,
 				UTF16_LITTLE_ENDIAN,
 				message->body.kvp_delete.key,
-				HV_KVP_EXCHANGE_MAX_KEY_SIZE) + 1;
+				HV_KVP_EXCHANGE_MAX_KEY_SIZE - 1) + 1;
 
 			break;
 

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ