lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20150609185736.GY14071@sirena.org.uk>
Date:	Tue, 9 Jun 2015 19:57:36 +0100
From:	Mark Brown <broonie@...nel.org>
To:	Stefan Wahren <stefan.wahren@...e.com>
Cc:	Joe Perches <joe@...ches.com>, Liam Girdwood <lgirdwood@...il.com>,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH V2] regulator: core: fix constraints debug output

On Tue, Jun 09, 2015 at 08:49:14PM +0200, Stefan Wahren wrote:
> > Mark Brown <broonie@...nel.org> hat am 9. Juni 2015 um 20:00 geschrieben:

> > If we know how much output we might produce then why not extend the
> > buffer so we don't need to cut it off? The defensive programming is
> > good but that seems a better fix.

> I thought the intension was to keep the output in "one" line. If not i suggest
> to increase the size to 160 bytes, which is sufficient for all cases.

No, it was just the first number I thought of - we'll scroll off the end
of an 80 column line anyway due to the prefixes that get added (time,
regulator subsystem name and so on).  The bounds checking seems good but
it seems like a second patch after bumping the buffer which is a much
more focused fix for stable.  I've also just done a separate patch for
the buffer corruption you reported.

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ