lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <510390FD.6050206@gmail.com>
Date:	Sat, 26 Jan 2013 16:17:01 +0800
From:	Chen Gang F T <chen.gang.flying.transformer@...il.com>
To:	Chen Gang <gang.chen@...anux.com>
CC:	Theodore Ts'o <tytso@....edu>, Valdis.Kletnieks@...edu,
	Greg KH <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [Consult] Plan: personal contributes plan for 2013

Hello all:

Opinion:
  after think of again, for "10 patches per month":
  I think in kernel wide, it is not quite hard to perform.

Finished:
  currently (within Jan 2013)
    in next-20130125 tree, can find about 11 patches of mine.
      patch contents: usb, staging, tty sub-systems, ...
      patch type:     1 for MAINTAINER, 1 for beautify code,
                      others for memory override or resource management.
      marked as:      9 for Signed-of-by, 2 for Reported-by
    (please use "git log", then search "Chen Gang" to get details)
    (also, I do it in part time in Jan 2013)

Ways:
  for memory override:
    A) search strcpy, strncpy, sprintf, and memcpy in kernel wide
    B) we will get more than 10,000 lines (maybe almost 100,000 lines).
    C) then see each of them.
    in my experience (statistic): can find a bug per 10 lines.

  for resource management:
    A) at least, we can search 'kfree' in kernel wide
    B) we will get more than 10,000 lines (maybe almost 100,000 lines).
    C) then see each of them.
    in my experience (statistic): can find a bug per 100 lines.

Hope:
  if most of my patches are qualified both for "Accept" and for "Quality"

    I hope to share this simple way to every one.
    so that, most of us can provide more valuable patches in this simple way.

  else (most of my patches are not qualified)

    please give reasons.
    if really they are, I should notice next time (also need adjust my plan)


  thanks


-- 
Chen Gang

Flying Transformer

View attachment "chen_gang_flying_transformer.vcf" of type "text/x-vcard" (67 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ