| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <73d5a586-2178-a311-f19c-c16c6e8cbb22@users.sourceforge.net>
Date: Mon, 3 Oct 2016 14:28:24 +0200
From: SF Markus Elfring <elfring@...rs.sourceforge.net>
To: Geert Uytterhoeven <geert@...ux-m68k.org>
Cc: kvm@...r.kernel.org, linux-s390@...r.kernel.org,
Christian Bornträger <borntraeger@...ibm.com>,
Cornelia Huck <cornelia.huck@...ibm.com>,
David Hildenbrand <dahi@...ux.vnet.ibm.com>,
Heiko Carstens <heiko.carstens@...ibm.com>,
Martin Schwidefsky <schwidefsky@...ibm.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
LKML <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org,
Julia Lawall <julia.lawall@...6.fr>,
Walter Harms <wharms@....de>
Subject: Re: [PATCH v2 2/2] KVM: s390: Use memdup_user() rather than
duplicating code
>> - if (!bp_data) {
>> - ret = -ENOMEM;
>> - goto error;
>> - }
>> -
>> - if (copy_from_user(bp_data,
>> - dbg->arch.hw_bp,
>> - sizeof(*bp_data) * dbg->arch.nr_hw_bp)) {
>> - ret = -EFAULT;
>> - goto error;
>> - }
>> + bp_data = memdup_user(dbg->arch.hw_bp,
>> + sizeof(*bp_data) * dbg->arch.nr_hw_bp);
>
> ... while this would continue silently,
How do you think about to explain this information a bit more?
> and corrupt memory.
I wonder about this conclusion at the moment.
Did you notice the check "IS_ERR(bp_data)" and the corresponding reaction
in this update suggestion?
How does your feedback fit to the tag "Acked-by: Cornelia Huck"
from 2016-08-25?
Regards,
Markus
Powered by blists - more mailing lists