lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 16 Feb 2017 18:37:49 -0600
From:   Andy Gross <>
To:     Bjorn Andersson <>
Cc:     Ohad Ben-Cohen <>,
        David Brown <>,,,,,
        Dan Carpenter <>,
        Stanimir Varbanov <>
Subject: Re: [PATCH] remoteproc: qcom: mdt_loader: Use signed type for offset

On Wed, Feb 15, 2017 at 02:00:41PM -0800, Bjorn Andersson wrote:
> In the transition from using rproc_da_to_va(), the type of the load
> offset became unsigned. This causes the subsequent check to let negative
> values less than p_memsz + mem_size through and we write outside of the
> buffer.
> Change the type back to a signed value to catch this.
> Fixes: 7f0dd07a9b29 ("remoteproc: qcom: mdt_loader: Refactor MDT loader")
> Fixes: e7fd25226295 ("remoteproc: qcom: q6v5: Decouple driver from MDT loader")
> Reported-by: Dan Carpenter <>
> Reported-by: Stanimir Varbanov <>
> Signed-off-by: Bjorn Andersson <>

Acked-by: Andy Gross <>

Powered by blists - more mailing lists