lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <18467907.EfXNf1iGip@tauon.chronox.de> Date: Wed, 20 Dec 2017 10:55:28 +0100 From: Stephan Mueller <smueller@...onox.de> To: Dmitry Vyukov <dvyukov@...gle.com> Cc: syzbot <bot+e5e6fab2d4dc3d9877ac240fed364027bb960ad0@...kaller.appspotmail.com>, David Miller <davem@...emloft.net>, Herbert Xu <herbert@...dor.apana.org.au>, linux-crypto@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, syzkaller-bugs@...glegroups.com Subject: Re: KASAN: use-after-free Read in crypto_aead_free_instance Am Mittwoch, 20. Dezember 2017, 10:50:10 CET schrieb Dmitry Vyukov: Hi Dmitry, > On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller <smueller@...onox.de> wrote: > > Am Mittwoch, 20. Dezember 2017, 10:19:43 CET schrieb Dmitry Vyukov: > > > > Hi Dmitry, > > > >> > This issue vanishes after applying the patch "[PATCH v2] crypto: AF_ALG > >> > - > >> > limit mask and type". > >> > >> Hi Stephan, > >> > >> syzbot does not understand arbitrary English prose, it only understands > > > > this: > >> > Once a fix for this bug is merged into any tree, reply to this email > >> > with: > >> > #syz fix: exact-commit-title > >> > >> Let's tell it about the fix: > >> > >> #syz fix: crypto: AF_ALG - limit mask and type > > > > I have seen that this is the approach, but the fix is not yet in the tree. > > I just want to let folks know that there is a patch. > > Ah, ok, sorry. It's just difficult to tell when there is a reason to > not provide the tag right now, or when people are don't know about > them or ignore. > If the patch is merged with this title, then there is nothing else to > do. If it's merged under a different title, a new "#syz fix:" tag will > override the old one. Maybe you can teach the syzcaller that there is a proposed fix? E.g. #syz proposed: commit-title Ciao Stephan
Powered by blists - more mailing lists