| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f20e389d-2269-9aca-0fd5-019b7a042f9e@sandeen.net>
Date: Thu, 1 Sep 2016 08:10:44 -0500
From: Eric Sandeen <sandeen@...deen.net>
To: Al Viro <viro@...IV.linux.org.uk>,
Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Cc: akpm@...ux-foundation.org, msalter@...hat.com,
kuleshovmail@...il.com, david.vrabel@...rix.com, vbabka@...e.cz,
ard.biesheuvel@...aro.org, jgross@...e.com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org
Subject: Re: [PATCH] fs:Fix kmemleak leak warning in getname_flags about
working on unitialized memory
On 8/4/16 8:57 AM, Al Viro wrote:
> Don't feed the troll. On all paths leading to that place we have
> result->name = kname;
> len = strncpy_from_user(kname, filename, EMBEDDED_NAME_MAX);
> or
> result->name = kname;
> len = strncpy_from_user(kname, filename, PATH_MAX);
> with failure exits taken if strncpy_from_user() returns an error, which means
> that the damn thing has already been copied into.
>
> FWIW, it looks a lot like buggered kmemcheck; as usual, he can't be bothered
> to mention which kernel version would it be (let alone how to reproduce it
> on the kernel in question), but IIRC davej had run into some instrumentation
> breakage lately.
The original report is in https://bugzilla.kernel.org/show_bug.cgi?id=120651
if anyone is interested in it.
-Eric
> Again, don't feed the troll - you are only inviting an "improved" version
> of that garbage, just as pointless.
Powered by blists - more mailing lists