lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 20 Sep 2013 13:43:43 +0300
From:	Dan Carpenter <dan.carpenter@...cle.com>
To:	Thomas Meyer <thomas@...3r.de>
Cc:	devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 7/10] staging: r8188eu: Add files for new drive: Cocci
 spatch "noderef"

On Thu, Sep 19, 2013 at 11:45:46PM +0200, Thomas Meyer wrote:
> sizeof when applied to a pointer typed expression gives the size of the
> pointer.
> Found by coccinelle spatch "misc/noderef.cocci"
> 

When you're writing the changelog for these it helps if you say how
many bytes sizeof(*data) is.  In this case, we have gone from clearing 8
bytes to clearing 1 byte so the original code had a potential memory
corruption bug.

> Signed-off-by: Thomas Meyer <thomas@...3r.de>
> ---
> 
> diff -u -p a/drivers/staging/rtl8188eu/core/rtw_mp.c b/drivers/staging/rtl8188eu/core/rtw_mp.c
> --- a/drivers/staging/rtl8188eu/core/rtw_mp.c
> +++ b/drivers/staging/rtl8188eu/core/rtw_mp.c
> @@ -907,7 +907,7 @@ u32 mp_query_psd(struct adapter *pAdapte
>  		sscanf(data, "pts =%d, start =%d, stop =%d", &psd_pts, &psd_start, &psd_stop);
>  	}
>  
> -	_rtw_memset(data, '\0', sizeof(data));
> +	_rtw_memset(data, '\0', sizeof(*data));

I think your fix is correct but it would be better to remove the memset
and do:

	data[0] = '\0';

"data" is a u8 pointer, but it should obviously be a char pointer.  The
original code here is not high quality.  :P

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ