lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 02 Feb 2014 14:25:25 -0800 From: ebiederm@...ssion.com (Eric W. Biederman) To: Andrew Morton <akpm@...ux-foundation.org> Cc: "Pearson\, Greg" <greg.pearson@...com>, "vgoyal\@redhat.com" <vgoyal@...hat.com>, "d.hatayama\@jp.fujitsu.com" <d.hatayama@...fujitsu.com>, "holzheu\@linux.vnet.ibm.com" <holzheu@...ux.vnet.ibm.com>, "dhowells\@redhat.com" <dhowells@...hat.com>, "paul.gortmaker\@windriver.com" <paul.gortmaker@...driver.com>, "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] vmcore: prevent PT_NOTE p_memsz overflow during header update Andrew Morton <akpm@...ux-foundation.org> writes: > On Sat, 1 Feb 2014 01:07:29 +0000 "Pearson, Greg" <greg.pearson@...com> wrote: > >> As far as I know the only consequence of dropping a PT_NOTE entry is >> that it would not be available in the crash dump for use in debugging. >> I'm not sure how important this data might be for triage. I'm guessing >> that in cases where one of these strange PT_NOTE entries shows up with a >> size that causes an overflow it probably isn't even a real PT_NOTE entry >> so dropping it won't matter, but that's a guess at this point since I'm >> still trying to figure out how the bogus entries were created. > > Can we detect the crazy-huge notes, skip them and then proceed with > the following sanely-sized ones? The only way we can have following sanely-sized notes is if they are in a separate note segment (one of our extensions for kdump and /proc/vmcore merges them together). Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists