| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAPAsAGx=Hp46P70g4H1fVK=n6POAH_6dUk=3BwMQQSAxOBjYOw@mail.gmail.com>
Date: Thu, 6 Jul 2017 01:41:51 +0300
From: Andrey Ryabinin <ryabinin.a.a@...il.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Arnd Bergmann <arnd@...db.de>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Kees Cook <keescook@...omium.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Jean Delvare <jdelvare@...e.de>
Subject: Re: [GIT PULL] gcc-plugins updates for v4.13-rc1
2017-07-06 0:56 GMT+03:00 Linus Torvalds <torvalds@...ux-foundation.org>:
> On Wed, Jul 5, 2017 at 2:48 PM, Arnd Bergmann <arnd@...db.de> wrote:
>>
>> This particular example should be handled by
>> scripts/gcc-plugins/structleak_plugin.c, right?
>
> .. probably. But we have a ton of other uses that just pass in
> "result" pointers (not structs), which admittedly don't have the
> padding issue, but do have the exact same issue otherwise.
>
> We have those random "initialize to zero by hand", and I wouldn't
> actually worry about most of the common cases. KASAN will find them
> anyway.
>
KASAN doesn't find "use-of-unitialized memory" bugs. It can find only
use-after-free
and out-of-bounds accesses.
MemorySanitizer (aka KMSAN) is supposed to detect uses of unitialized memory.
It's still in WIP stage, but have some trophies already (just grep for
KMSAN in git log)
> It tends to be the random odd ioctl-like things that nobody finds
> because it's only uninitialized for some silly error case that never
> triggers (or some unusual driver that needs to be loaded).
>
> Linus
Powered by blists - more mailing lists