| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <da96837e-50bb-de1e-be42-0a22474edee8@users.sourceforge.net>
Date: Mon, 3 Oct 2016 16:25:34 +0200
From: SF Markus Elfring <elfring@...rs.sourceforge.net>
To: Geert Uytterhoeven <geert@...ux-m68k.org>
Cc: kvm@...r.kernel.org, linux-s390@...r.kernel.org,
Christian Bornträger <borntraeger@...ibm.com>,
Cornelia Huck <cornelia.huck@...ibm.com>,
David Hildenbrand <dahi@...ux.vnet.ibm.com>,
Heiko Carstens <heiko.carstens@...ibm.com>,
Martin Schwidefsky <schwidefsky@...ibm.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
LKML <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org,
Julia Lawall <julia.lawall@...6.fr>,
Walter Harms <wharms@....de>
Subject: Re: KVM: s390: Use memdup_user() rather than duplicating code
>> * Does there really a probability remain that an inappropriate product
>> would be calculated here (as the situation was before my two update steps
>> for this software module)?
>
> Perhaps not. Hence my "Probably not an issue here, ...".
Thanks for your clarification.
>> * Can it be that you are looking for a variant of a function like "memdup_user"
>> where values can be passed as separate parameters "count" and "size" so that
>> the needed multiplication and corresponding overflow check would be performed
>> together as desired?
>
> If there are enough uses, and people like it, adding memdup_user_array()
> may be a good idea...
How are the chances of such an addition for the Linux programming interface?
> P.S. Why do your questions make me think of a scientific paper? ;-)
Would you like to recommend any for further reading? ;-)
Regards,
Markus
Powered by blists - more mailing lists