| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+zW5tP=UpUMpZoHei1wNNZO6D6V31LW7CgCj+xjH=YGw@mail.gmail.com>
Date: Fri, 22 Sep 2017 08:24:05 -0700
From: Kees Cook <keescook@...omium.org>
To: Oleg Nesterov <oleg@...hat.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Al Viro <viro@...iv.linux.org.uk>,
Ben Woodard <woodard@...hat.com>,
James Bottomley <James.Bottomley@...senpartnership.com>,
Jim Foraker <foraker1@...l.gov>,
Travis Gummels <tgummels@...hat.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/5] exec: binfmt_misc: fix use-after-free, kill iname[BINPRM_BUF_SIZE]
On Fri, Sep 22, 2017 at 7:36 AM, Oleg Nesterov <oleg@...hat.com> wrote:
> Note: 5/5 depends on
>
> -extern int bprm_change_interp(char *interp, struct linux_binprm *bprm);
> +extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm);
>
> change in
>
> [PATCH] exec: load_script: kill the onstack interp[BINPRM_BUF_SIZE] array
> https://marc.info/?l=linux-kernel&m=150575251328591
>
> I sent before.
>
> Looks like this code was always wrong, then 948b701a607f ("binfmt_misc: add persistent
> opened binary handler for containers") added more problems.
>
> Oleg.
>
> fs/binfmt_misc.c | 56 ++++++++++++++++++++++++++------------------------------
> 1 file changed, 26 insertions(+), 30 deletions(-)
This all looks correct to me, thanks!
Acked-by: Kees Cook <keescook@...omium.org>
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists