lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e0c87e855eda4840b311664789964f81@ausx13mpc120.AMER.DELL.COM>
Date:   Mon, 2 Oct 2017 13:26:21 +0000
From:   <Mario.Limonciello@...l.com>
To:     <andy.shevchenko@...il.com>
CC:     <dvhart@...radead.org>, <linux-kernel@...r.kernel.org>,
        <platform-driver-x86@...r.kernel.org>, <luto@...nel.org>,
        <quasisec@...gle.com>, <pali.rohar@...il.com>
Subject: RE: [PATCH v3 8/8] platform/x86: dell-wmi-smbios: clean up wmi
 descriptor check

> -----Original Message-----
> From: Andy Shevchenko [mailto:andy.shevchenko@...il.com]
> Sent: Monday, October 2, 2017 8:16 AM
> To: Limonciello, Mario <Mario_Limonciello@...l.com>
> Cc: dvhart@...radead.org; LKML <linux-kernel@...r.kernel.org>; Platform Driver
> <platform-driver-x86@...r.kernel.org>; Andy Lutomirski <luto@...nel.org>;
> quasisec@...gle.com; Pali Rohár <pali.rohar@...il.com>
> Subject: Re: [PATCH v3 8/8] platform/x86: dell-wmi-smbios: clean up wmi
> descriptor check
> 
> On Thu, Sep 28, 2017 at 7:02 AM, Mario Limonciello
> <mario.limonciello@...l.com> wrote:
> > Some cases the wrong type was used for errors and checks can be
> > done more cleanly.
> 
> Oops, I forgot about this patch, so, please, disregard my comment WRT
> to strncmp() use to the other patch.
> 
> 
> > Signed-off-by: Mario Limonciello <mario.limonciello@...l.com>
> > Reviewed-by: Edward O'Callaghan <quasisec@...gle.com>
> 
> Btw, missed Suggested-by?

Yes sorry about that.  I'll add that for when I get v4 out.

> 
> 
> > -       if (desc_buffer[0] != 0x4C4C4544 && desc_buffer[1] != 0x494D5720)
> > -               dev_warn(&wdev->dev, "Dell descriptor buffer has invalid signature
> (%*ph)\n",
> > -                       8, desc_buffer);
> > +       if (strncmp(obj->string.pointer, "DELL WMI", 8) != 0)
> > +               dev_warn(&wdev->dev, "Dell descriptor buffer has invalid signature
> (%8ph)\n",
> > +                       desc_buffer);
> 
> And as Darren pointed out, this fixes the logic bug as well.
> 
> --
> With Best Regards,
> Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ