Date:	Fri, 23 Oct 2015 14:10:25 +0200
From:	LABBE Corentin <clabbe.montjoie@...il.com>
To:	acme@...stprotocols.net, al.drozdov@...il.com,
	alexander.h.duyck@...hat.com, daniel@...earbox.net,
	davem@...emloft.net, dmitry.tarnyagin@...kless.no,
	dwmw2@...radead.org, edumazet@...gle.com, eyal.birger@...il.com,
	fw@...len.de, gustavo@...ovan.org, hannes@...essinduktion.org,
	herbert@...dor.apana.org.au, jiri@...nulli.us, jmorris@...ei.org,
	johan.hedberg@...il.com, kaber@...sh.net, kuznet@....inr.ac.ru,
	marcel@...tmann.org, mst@...hat.com, pablo@...filter.org,
	samuel@...tiz.org, tom@...bertland.com, viro@...iv.linux.org.uk,
	willemb@...gle.com, yoshfuji@...ux-ipv6.org
Cc:	linux-bluetooth@...r.kernel.org, linux-crypto@...r.kernel.org,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: 


Hello

This patch series began with my finding that memcpy_[to|from]_msg have
a parameter len which is an int but is used as size_t throughout the functions.
Without blindly changing the parameter to size_t, I have tried to see if,
anywhere in the Linux source code, someone gives a negative argument, with
the following (unfinished) Coccinelle patch.

virtual report
@@
type T;
signed T i;
@@
(
memcpy_from_msg
|
memcpy_to_msg
)
 (...,
- i)
+ (size_t)i)

With that I found many places where an int variable is used to store unsigned values
and which could be set as size_t, since they are used against size_t
and/or given to functions that expect size_t.
It also permitted finding a bug in net/llc/af_llc.c where a size_t variable
stored error codes.

Regards
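
Added example, not part of the original message or of the patch series: a user-space C sketch of the two type problems the cover letter describes, a negative errno stored in a size_t and a length that should be size_t end to end. The helper names (fetch_len, copy_checked, recv_len_buggy, recv_len_fixed) and the sample buffer are constructed for illustration and are not kernel functions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns a byte count, or a negative errno on failure. */
static int fetch_len(int fail)
{
    return fail ? -EFAULT : 16;
}

/* Length is size_t end to end; the only signed value is the return code. */
static int copy_checked(void *dst, size_t dst_sz, const void *src, size_t len)
{
    if (len > dst_sz)
        return -EINVAL;
    memcpy(dst, src, len);
    return 0;
}

/* Buggy pattern: a size_t holds the result, so -EFAULT becomes a huge "length". */
static size_t recv_len_buggy(int fail)
{
    size_t copied = fetch_len(fail);    /* implicit int -> size_t conversion */
    return copied;
}

/* Fixed pattern: keep the result signed until the error check has passed. */
static int recv_len_fixed(int fail, size_t *len)
{
    int rc = fetch_len(fail);
    if (rc < 0)
        return rc;
    *len = (size_t)rc;
    return 0;
}

int main(void)
{
    char dst[32], src[32] = "constructed sample payload";
    size_t len = 0;

    printf("buggy on failure = %zu\n", recv_len_buggy(1));
    printf("fixed on failure = %d\n", recv_len_fixed(1, &len));
    printf("copy, wrapped len: %d\n",
           copy_checked(dst, sizeof dst, src, recv_len_buggy(1)));
    if (recv_len_fixed(0, &len) == 0)
        printf("copy, real len   : %d\n", copy_checked(dst, sizeof dst, src, len));
    return 0;
}
```

In the buggy variant the caller cannot tell the failure from a very large length; only the bound check in copy_checked stops the wrapped value from reaching memcpy.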
