lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20181102161459.86f0622bd01518a2eb06e1d5@kernel.org>
Date:   Fri, 2 Nov 2018 16:14:59 +0900
From:   Masami Hiramatsu <mhiramat@...nel.org>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: [BUGFIX PATCH] tracing/kprobes: Fix strpbrk() argument order

On Thu, 1 Nov 2018 15:10:14 -0400
Steven Rostedt <rostedt@...dmis.org> wrote:

> On Thu,  1 Nov 2018 23:29:28 +0900
> Masami Hiramatsu <mhiramat@...nel.org> wrote:
> 
> > Fix strpbrk()'s argument order, it must pass acceptable string
> > in 2nd argument. Note that this can cause a kernel panic where
> > it recovers backup character to code->data.
> > 
> > Fixes: a6682814f371 ("tracing/kprobes: Allow kprobe-events to record module symbol")
> > Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> 
> Thanks Masami,
> 
> I'm pulling this and starting to test it.

Thank you! I still couldn't believe how this bug passed through the tests...

> 
> -- Steve
> 
> > ---
> >  kernel/trace/trace_probe.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> > index 3ef15a6683c0..bd30e9398d2a 100644
> > --- a/kernel/trace/trace_probe.c
> > +++ b/kernel/trace/trace_probe.c
> > @@ -535,7 +535,7 @@ int traceprobe_update_arg(struct probe_arg *arg)
> >  			if (code[1].op != FETCH_OP_IMM)
> >  				return -EINVAL;
> >  
> > -			tmp = strpbrk("+-", code->data);
> > +			tmp = strpbrk(code->data, "+-");
> >  			if (tmp)
> >  				c = *tmp;
> >  			ret = traceprobe_split_symbol_offset(code->data,
> 


-- 
Masami Hiramatsu <mhiramat@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ