| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Nov 2018 15:54:14 +0100
From: Boris Brezillon <boris.brezillon@...tlin.com>
To: <Tudor.Ambarus@...rochip.com>
Cc: <marek.vasut@...il.com>, <dwmw2@...radead.org>,
<computersforpeace@...il.com>, <richard@....at>,
<linux-mtd@...ts.infradead.org>, <linux-kernel@...r.kernel.org>,
<yogeshnarayan.gaur@....com>, <cyrille.pitchen@...ev4u.fr>
Subject: Re: [PATCH 3/7] mtd: spi-nor: add restriction for nmaps in smpt
parser
On Thu, 8 Nov 2018 14:48:11 +0000
<Tudor.Ambarus@...rochip.com> wrote:
> >>>> +
> >>>
> >>> Maybe I missed something but it sounds like this change is just
> >>> optimizing the SPMT parsing a bit, and to be honest, I'm not sure this
> >>> is really needed. Most of the time, smpt_len will be rather small, so
> >>> trying to bail out earlier is not bringing much perf improvements.
> >>
> >> It's rather a smtp validity check. I want to return an error if there are not
> >> enough detection commands to identify the map id.
> >
> > You would have failed the same way without this validity check after a
> > maximum of smpt_len iterations, right?
> >
>
> Right. The correct fix would be to count nmaps in a loop, then do these checks,
> and if all ok, search for the map_id in another loop :).
Or just error out when !ncmds && nmaps > 1.
If you insist on keeping the ncmds && nmaps >= (1 << (ncmds + 1))
check, that's fine, but it's not replacing the consistency check I was
doing ;-).
Powered by blists - more mailing lists