lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1477309189.6666.6.camel@crowfest.net>
Date:   Mon, 24 Oct 2016 04:39:49 -0700
From:   Michael Zoran <mzoran@...wfest.net>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     gregkh@...uxfoundation.org, devel@...verdev.osuosl.org,
        daniels@...labora.com, linux-kernel@...r.kernel.org,
        eric@...olt.net, noralf@...nnes.org, popcornmix@...il.com
Subject: Re: [PATCH 1/2] staging: vc04_services: Fix unportable cast in
 vchiq_copy_from_user

On Mon, 2016-10-24 at 14:36 +0300, Dan Carpenter wrote:
> On Mon, Oct 24, 2016 at 04:09:37AM -0700, Michael Zoran wrote:
> > I didn't think it looked totally correct, but I'm not sure it's any
> > more broken then what is already in the tree.
> 
> It's not more broken.  But better to leave the compile warning there
> to
> mark that it is an obvious security problem.
> 
> > 
> > If you can kindly point me to some other source code or
> > documentation
> > to look at that is correct, I'm more then willing to fix the patch.
> > 
> 
> I was hoping the maintainers could chip in, because I didn't want to
> look at the code.  We really need to track which are use pointers and
> which are kernel pointers.  We can't mix them like this.
> 
> regards,
> dan carpenter
> 

The problem is that I'm mostly interested in arm64 ATM, and I don't
think the existing code works at all with 64 bit pointers.

Broken as it may be...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ