lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20151012081714.GB23595@gmail.com>
Date:	Mon, 12 Oct 2015 10:17:14 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	Fengguang Wu <fengguang.wu@...el.com>
Cc:	kernel test robot <ying.huang@...ux.intel.com>,
	Peter Zijlstra <peterz@...radead.org>, lkp@...org,
	LKML <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [LKP] [lkp] [string] 5f6f0801f5: BUG: KASan: out of bounds
 access in strlcpy+0xc8/0x250 at addr ffff88011a666ee0


* Fengguang Wu <fengguang.wu@...el.com> wrote:

> On Mon, Oct 12, 2015 at 03:51:04PM +0800, Fengguang Wu wrote:
> > On Mon, Oct 12, 2015 at 09:33:55AM +0200, Ingo Molnar wrote:
> > > 
> > > * kernel test robot <ying.huang@...ux.intel.com> wrote:
> > > 
> > > > FYI, we noticed the below changes on
> > > > 
> > > > git://internal_mailing_list_patch_tree Ingo-Molnar/string-Improve-the-generic-strlcpy-implementation
> > > > commit 5f6f0801f5fdfce4984c6a14f99dbfbb417acb66 ("string: Improve the generic strlcpy() implementation")
> > > 
> > > Hm, there's no such commit ID anywhere I can see - did you rebase my tree perhaps?
> > 
> > Ingo, all applied patches will be uploaded to github from now on.

Thanks!

You might want to move that to korg instead, because many people don't like to 
pull from github.

> > Here is the exact commit:
> > 
> > https://github.com/0day-ci/linux/commits/Ingo-Molnar/string-Improve-the-generic-strlcpy-implementation
> 
> Sorry that's already the rebased commit.. The old version was applied
> to 4.3-rc4 while the new one is applied to 4.3-rc5.

So as long as you have the tested sha1 mentioned in the bug report, and that sha1 
can be pulled from somewhere on korg, I'm a happy camper: in this particular case 
it would have told me whether your testing tree had upstream fix 990486c8af or 
not.

Rebasing and applying email patches for testing purposes is otherwise perfectly 
OK, as long as the precise Git tree used for testing can be fetched.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ