Message-ID: <20150218074442.GC1752@p183.telecom.by>
Date:	Wed, 18 Feb 2015 10:44:42 +0300
From:	Alexey Dobriyan <adobriyan@...il.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	aksgarg1989@...il.com, linux-kernel@...r.kernel.org
Subject: Re: Fw: [PATCH] lib/kstrtox.c Stop parsing integer on overflow

On Tue, Feb 17, 2015 at 04:17:24PM -0800, Andrew Morton wrote:
> ?
> 
> Begin forwarded message:
> 
> Date: Mon, 16 Feb 2015 10:48:50 -0800
> From: Anshul Garg <aksgarg1989@...il.com>
> To: linux-kernel@...r.kernel.org
> Cc: aksgarg1989@...il.com, anshul.g@...sung.com, torvalds@...ux-foundation.org
> Subject: [PATCH] lib/kstrtox.c Stop parsing integer on overflow
> 
> 
> From: Anshul Garg <aksgarg1989@...il.com>
> 
> While converting string representation to integer
> break the loop if overflow is detected.
> 
> Signed-off-by: Anshul Garg <aksgarg1989@...il.com>
> ---
>  lib/kstrtox.c |    4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/kstrtox.c b/lib/kstrtox.c
> index ec8da78..6f30209 100644
> --- a/lib/kstrtox.c
> +++ b/lib/kstrtox.c
> @@ -70,8 +70,10 @@ unsigned int _parse_integer(const char *s, unsigned int base, unsigned long long
>  		 * it in the max base we support (16)
>  		 */
>  		if (unlikely(res & (~0ull << 60))) {
> -			if (res > div_u64(ULLONG_MAX - val, base))
> +			if (res > div_u64(ULLONG_MAX - val, base)) {
>  				overflow = 1;
> +				break;
> +			}
>  		}
>  		res = res * base + val;
>  		rv++;
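
Review bot: the new `break` sits before `res = res * base + val;` and `rv++;`, so on overflow the digit that triggers it is no longer counted in `rv` and `res` keeps the last pre-overflow value instead of the wrapped one. That changes what every caller observes after an overflow, both the stored result and the number of characters reported as consumed, and the commit message says none of this. Please state the behaviour change explicitly and say which callers were checked. A smaller point: with the inner `if` now braced, the two nested conditions could be merged into one `if (unlikely(...) && res > div_u64(ULLONG_MAX - val, base))`.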

The _notion_ of a patch is OK if you want EVERY simple_strtoull() call
to stop parsing past overflow right now. It SHOULD have done so from day 1,
but it doesn't do that.

When I wrote kstrto*() code I deliberately didn't break this bug
because of the sheer number of call sites.

If you are OK with changing bug-for-bug compatibility,
then the patch simply needs to delete overflow detection code.

	Alexey
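
The compatibility concern in the reply above, shown as a userspace model of the loop in the quoted hunk with and without the `break`. This is an added example, not code from the thread or from the kernel tree; `parse_model`, `struct parsed`, `stop_on_overflow`, the digit-decoding branch and the input string are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>

struct parsed { unsigned long long value; unsigned int consumed; int overflow; };

/* Model of the hunk's loop; stop_on_overflow=1 models the proposed break. */
static struct parsed parse_model(const char *s, unsigned int base, int stop_on_overflow)
{
	struct parsed r = { 0, 0, 0 };

	for (; *s; s++) {
		unsigned int val;

		/* Digit decoding is an assumption; the hunk does not show it. */
		if (*s >= '0' && *s <= '9')
			val = *s - '0';
		else if ((*s | 0x20) >= 'a' && (*s | 0x20) <= 'f')
			val = (*s | 0x20) - 'a' + 10;
		else
			break;
		if (val >= base)
			break;
		/* Same test as the hunk: check only once the top 4 bits are in use. */
		if (r.value & (~0ull << 60)) {
			if (r.value > (ULLONG_MAX - val) / base) {
				r.overflow = 1;
				if (stop_on_overflow)
					break;
			}
		}
		r.value = r.value * base + val;	/* wraps modulo 2^64 after overflow */
		r.consumed++;
	}
	return r;
}

int main(void)
{
	/* Constructed input: 2^64 (one past ULLONG_MAX) followed by a suffix. */
	const char *in = "18446744073709551616k";

	for (int patched = 0; patched <= 1; patched++) {
		struct parsed r = parse_model(in, 10, patched);
		printf("%s: value=%llu consumed=%u overflow=%d rest=\"%s\"\n",
		       patched ? "patched" : "current", r.value, r.consumed,
		       r.overflow, in + r.consumed);
	}
	return 0;
}
```

A caller that rejects the input whenever overflow is flagged sees no difference; a caller that ignores the flag and uses the consumed count to find the end of the number gets a different value and a different remainder.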