| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 May 2017 08:28:52 +0200 (CEST)
From: Julia Lawall <julia.lawall@...6.fr>
To: Joe Perches <joe@...ches.com>
cc: Matthew Wilcox <willy@...radead.org>,
cocci <cocci@...teme.lip6.fr>,
Jeff Layton <jlayton@...chiereds.net>,
David Howells <dhowells@...hat.com>, viro@...iv.linux.org.uk,
linux-fsdevel@...r.kernel.org, linux-nfs@...r.kernel.org,
linux-kernel@...r.kernel.org, mszeredi@...hat.com
Subject: Re: [PATCH 3/9] VFS: Introduce a mount context
On Wed, 3 May 2017, Joe Perches wrote:
> (adding Julia Lawall and cocci)
>
> On Wed, 2017-05-03 at 13:38 -0700, Matthew Wilcox wrote:
> > On Wed, May 03, 2017 at 11:26:38AM -0700, Joe Perches wrote:
> > > On Wed, 2017-05-03 at 14:13 -0400, Jeff Layton wrote:
> > > > On Wed, 2017-05-03 at 17:04 +0100, David Howells wrote:
> > > > > + oo = kmalloc((opts->num_mnt_opts + 1) * sizeof(char *),
> > > > > + GFP_KERNEL);
> >
> > If we're picking nits, then this should be kcalloc in case somebody
> > passed in 2^31 in num_mnt_opts.
>
> There are likely dozens to hundreds of possible/silent
> multiplication overflow defects in the kernel, not just
> in allocations.
>
> Auditing the sources would seem labor intensive.
>
> Perhaps coccinelle could help find them.
>
> Perhaps there should be some overflow checking functions
> added to math64.h
>
> Maybe some form like:
>
> u32 u32_mul_u32_u32(u32 a, u32 b)
> {
> u32 resĀ = a * b;
>
> WARN_ON(a != 0 && res / a != b);
>
> return res;
> }
Coccinelle doesn't kow about the values of variables. It would need some
heuristics about where potentially large values can come from.
julia
Powered by blists - more mailing lists