| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150708115939.60cd659c@gandalf.local.home>
Date: Wed, 8 Jul 2015 11:59:39 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: LKML <linux-kernel@...r.kernel.org>, Jan Kara <jack@...e.cz>,
Paul Moore <pmoore@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH] Revert: audit: Fix check of return value of
strnlen_user()
On Wed, 8 Jul 2015 08:53:34 -0700
Linus Torvalds <torvalds@...ux-foundation.org> wrote:
> Anyway, to make a long rant more on-point, does this alternative
> version work for you?
I'll test it again, even though I already did (see below).
>
> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> index 09c65640cad6..e85bdfd15fed 100644
> --- a/kernel/auditsc.c
> +++ b/kernel/auditsc.c
> @@ -1021,8 +1021,7 @@ static int audit_log_single_execve_arg(
> * for strings that are too long, we should not have created
> * any.
> */
> - if (unlikely((len == 0) || len > MAX_ARG_STRLEN - 1)) {
> - WARN_ON(1);
> + if (WARN_ON_ONCE(len < 0 || len > MAX_ARG_STRLEN - 1)) {
> send_sig(SIGKILL, current, 0);
> return -1;
> }
>
> because that really looks better to me.
>
That was what I originally did ;-) But then I figured I would just
revert the patch with a simple:
git show 0b08c5e59441d | patch -p1 -R
and submit that.
-- Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists