lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180426012805.GA3282@jagdpanzerIV> Date: Thu, 26 Apr 2018 10:28:05 +0900 From: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com> To: Petr Mladek <pmladek@...e.com> Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, Rasmus Villemoes <linux@...musvillemoes.dk>, Linus Torvalds <torvalds@...ux-foundation.org>, "Tobin C . Harding" <me@...in.cc>, Joe Perches <joe@...ches.com>, Andrew Morton <akpm@...ux-foundation.org>, Michal Hocko <mhocko@...e.cz>, Sergey Senozhatsky <sergey.senozhatsky@...il.com>, Steven Rostedt <rostedt@...dmis.org>, Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v5 10/11] vsprintf: WARN() on invalid pointer access On (04/25/18 13:12), Petr Mladek wrote: [..] > /* > * This is not a fool-proof test. 99% of the time that this will fault is > * due to a bad pointer, not one that crosses into bad memory. Just test > @@ -623,8 +626,12 @@ static const char *check_pointer_access(const void *ptr) > if (!ptr) > return "(null)"; > > - if (probe_kernel_address(ptr, byte)) > + /* Prevent silent crashes when called in printk_safe context. */ > + if (probe_kernel_address(ptr, byte)) { > + WARN(!panic_on_warn && !test_printf_pointer_access, > + "vsprintf: invalid pointer address\n"); > return "(efault)"; > + } Can we have a rate-limited print out here? Or may be even a WARN_ONCE()? Yes, printk()-s from check_pointer_access() are OK, printk_safe() helps us, but at the same time every single invalid pointer access printk()-message will log_store() WARN() extra entries. Theoretically, this can harm. What do you think? -ss
Powered by blists - more mailing lists