| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+YroAA935Pa+X+evxM2Nj_ocFRNkDegOYS_a9gceGrVw@mail.gmail.com>
Date: Mon, 2 Jul 2018 14:44:19 -0700
From: Kees Cook <keescook@...omium.org>
To: Richard Weinberger <richard@....at>
Cc: Linux mtd <linux-mtd@...ts.infradead.org>,
LKML <linux-kernel@...r.kernel.org>,
Silvio Cesare <silvio.cesare@...il.com>,
"# 3.4.x" <stable@...r.kernel.org>
Subject: Re: [PATCH 1/2] Revert "UBIFS: Fix potential integer overflow in allocation"
On Mon, Jul 2, 2018 at 2:41 PM, Richard Weinberger <richard@....at> wrote:
> Am Montag, 2. Juli 2018, 20:27:00 CEST schrieb Kees Cook:
>> > Let's queue another patch for the next merge window which converts
>> > kmalloc() -> kmalloc_array().
>>
>> I'd prefer to leave it as-is for 4.18 because it would be the only
>> unconverted kmalloc()-with-multiplication in the entire tree. We did
>> treewide conversions and a revert would be undoing that here. (The
>> scripts that check for this case would run "clean" for 4.18.)
>>
>> So, this gets back to the question of the int vs u32: if you just
>> didn't revert this patch, then the kmalloc_array() would stand too.
>> Easy! :)
>
> I can queue the kmalloc_array() conversion on top of the revert.
> But TBH, using kmalloc_array() here is just ridiculous, we allocate
> dn->size times 2 where dn->size is at most 4k.
Right, I don't think this spot still suddenly become vulnerable again,
but it'll generate the same machine code (since one arg is a constant
value), and then static checkers never have to flag on it again. :)
Thanks!
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists