| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <063D6719AE5E284EB5DD2968C1650D6DB027F2B4@AcuExch.aculab.com>
Date: Wed, 8 Feb 2017 16:00:24 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Johannes Berg' <johannes@...solutions.net>,
Arnd Bergmann <arnd@...db.de>,
David Miller <davem@...emloft.net>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC: "stable@...r.kernel.org" <stable@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Andrey Ryabinin" <a.ryabinin@...sung.com>,
"nikolay@...ulusnetworks.com" <nikolay@...ulusnetworks.com>,
"nicolas.dichtel@...nd.com" <nicolas.dichtel@...nd.com>,
"adobriyan@...il.com" <adobriyan@...il.com>,
linux-wireless <linux-wireless@...r.kernel.org>
Subject: RE: KASAN+netlink, was: [PATCH] [net-next?] hns: avoid stack
overflow with CONFIG_KASAN
> From: Johannes Berg
> Sent: 08 February 2017 12:24
...
> Btw, what's causing this to start with? Can't the compiler reuse the
> stack places?
Only if it realises they've gone out of scope - which probably
doesn't happen when the functions are inlined.
The address of the parameter can be saved by the calling function
and used in a later call.
Something like this is valid:
int foo(int *p, int v)
{
static int *sv;
int old = -1;
if (sv) {old = *sv; *sv = v;}
sv = v;
return old;
}
void bar(...) {
int a, b;
...
foo(&a, 0);
...
foo(&b, 1);
...
foo(NULL, 2);
...
If the compiler starts sharing stack it all goes wrong.
David
Powered by blists - more mailing lists