lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150420123348.GG4368@pathway.suse.cz>
Date:	Mon, 20 Apr 2015 14:33:49 +0200
From:	Petr Mladek <pmladek@...e.cz>
To:	Tejun Heo <tj@...nel.org>
Cc:	akpm@...ux-foundation.org, davem@...emloft.net,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
	Kay Sievers <kay@...y.org>
Subject: Re: [PATCH 01/16] printk: guard the amount written per line by
 devkmsg_read()

On Mon 2015-04-20 14:11:36, Petr Mladek wrote:
> On Thu 2015-04-16 19:03:38, Tejun Heo wrote:
> > devkmsg_read() uses 8k buffer and assumes that the formatted output
> > message won't overrun which seems safe given LOG_LINE_MAX, the current
> > use of dict and the escaping method being used; however, we're
> > planning to use devkmsg formatting wider and accounting for the buffer
> > size properly isn't that complicated.
> > 
> > This patch defines CONSOLE_EXT_LOG_MAX as 8192 and updates
> > devkmsg_read() so that it limits output accordingly.
> > 
> > Signed-off-by: Tejun Heo <tj@...nel.org>
> 
> Reviewed-by: Petr Mladek <pmladek@...e.cz>
> 
> It is just a refactoring and does not modify the current behavior.

Ah, to make it clear. It did not modify the behavior except for
adding the check for potential buffer overflow.

Best Regards,
Petr

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ