| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141106142402.0daada65@gandalf.local.home> Date: Thu, 6 Nov 2014 14:24:02 -0500 From: Steven Rostedt <rostedt@...dmis.org> To: Petr Mladek <pmladek@...e.cz> Cc: linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, Jiri Kosina <jkosina@...e.cz>, "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [RFC][PATCH 07/12 v3] tracing: Have seq_buf use full buffer On Thu, 6 Nov 2014 16:31:07 +0100 Petr Mladek <pmladek@...e.cz> wrote: > I like the idea of having the exception only in the bitmap code and filling > the whole buffer in other cases. > > I am now in doubts about the overflow state. A solution would > be to add an "overflow" flag to struct seq_bug. I agree that it > is ugly but it looks more secure then "len = size + 1". > > Well, I do not have that strong opinion about it. What do you think? Ideally, I want struct seq_buf defined only within seq_buf.c, and all users must access the buffer via function methods. We would need to remove all the inline calls, which will have a small affect on performance. But most seq_buf code is for output of text, where this overhead would be a nit to the total cost of operations. That would get rid of all users that think it's safe to access s->buffer + s->len. -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists