| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <51544594.2010509@suse.cz>
Date: Thu, 28 Mar 2013 14:28:52 +0100
From: Jiri Slaby <jslaby@...e.cz>
To: Mathieu Poirier <mathieu.poirier@...aro.org>
CC: Linus Torvalds <torvalds@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>,
Dmitry Torokhov <dmitry.torokhov@...il.com>
Subject: Re: Out-of-bound access in sysrq
On 03/28/2013 02:19 PM, Mathieu Poirier wrote:
> On 13-03-28 04:34 AM, Jiri Slaby wrote:
>> Guys,
>>
>> how is this supposed to work?
>>
>> #define SYSRQ_KEY_RESET_MAX 20 /* Should be plenty */
>> static unsigned short sysrq_reset_seq[SYSRQ_KEY_RESET_MAX];
>> ...
>> unsigned short platform_sysrq_reset_seq[] __weak = { KEY_RESERVED };
>> ...
>> static inline void sysrq_register_handler(void)
>> {
>> ...
>> for (i = 0; i < ARRAY_SIZE(sysrq_reset_seq); i++) {
>> key = platform_sysrq_reset_seq[i];
>> if (key == KEY_RESERVED || key > KEY_MAX)
>> ...
>>
>>
>>
>>
>> i runs from 0 to 19 incl., but platform_sysrq_reset_seq, if not
>> overriden, is of size 1, so?
>>
>> thanks,
>>
>
> Unless I'm missing something, 'i' won't go higher than '0' since the
> first element of platform_sysrq_reset_seq is set to KEY_RESERVED and in
> such case the 'break' is executed.
Of course, I was apparently sleeping yet. Sorry for the noise!
--
js
suse labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists