lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Jul 2015 20:04:10 -0700 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: Oleg Drokin <green@...uxhacker.ru> Cc: devel@...verdev.osuosl.org, Andreas Dilger <andreas.dilger@...el.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Dan Carpenter <dan.carpenter@...cle.com> Subject: Re: [PATCH 18/20] staging/lustre/libcfs: get rid of debugfs/lnet/debug_mb On Mon, Jul 13, 2015 at 10:45:36PM -0400, Oleg Drokin wrote: > > On Jul 13, 2015, at 10:43 PM, Greg Kroah-Hartman wrote: > > > On Wed, Jul 08, 2015 at 11:45:59AM +0300, Dan Carpenter wrote: > >> On Mon, Jul 06, 2015 at 12:48:56PM -0400, green@...uxhacker.ru wrote: > >>> +static int libcfs_param_debug_mb_set(const char *val, > >>> + const struct kernel_param *kp) > >>> +{ > >>> + int rc; > >>> + unsigned num; > >>> + > >>> + rc = kstrtouint(val, 0, &num); > >>> + if (rc == -EINVAL) > >>> + return -EINVAL; > >> > >> Presumably, this is root only so using num uninitialized is not an > >> information leak. > > > > But it's not good, this should be a check for rc < 0 to make sure. > > > > Oleg, can you send a follow-on patch to fix this up? > > Sure. > Do you want it now or should I wait till you merge my previous bunch? I already merged your previous bunch :) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists