lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 5 Feb 2019 17:45:25 +0200
From:   Andy Shevchenko <andy.shevchenko@...il.com>
To:     Mattias Jacobsson <2pi@....nu>
Cc:     Masahiro Yamada <yamada.masahiro@...ionext.com>,
        michal.lkml@...kovi.net, Darren Hart <dvhart@...radead.org>,
        Andy Shevchenko <andy@...radead.org>,
        Pali Rohár <pali.rohar@...il.com>,
        Platform Driver <platform-driver-x86@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3 2/3] platform/x86: wmi: add WMI support to MODULE_DEVICE_TABLE()

On Sun, Feb 3, 2019 at 9:04 PM Mattias Jacobsson <2pi@....nu> wrote:
> On 2019-01-30, Andy Shevchenko wrote:
> > On Wed, Jan 30, 2019 at 5:15 PM Mattias Jacobsson <2pi@....nu> wrote:

> > > +       if (len < 0 || len >= 500) {
> >
> > Would it even possible to get a negative number here?
> > Same for any other number than slightly bigger than 36.
>
> snprintf returns a negative number on error. BTW AFAIU the code from
> file2alias.c gets dynamically linked against a libc.

OK.

> > So, what about simple
> >
> > {
> >  DEF_FIELD_ADDR(...);
> >  size_t len;
> >
> >  len = strlen(*guid_string);
> >  if (len != ...) {
> >   ...
> >  }
> > sprintf(...);
> > return 1;
> > }
> >
> > ?
>
> Then we are missing the check that we are within the bounds of alias

I don't see how. By checking a length of string we be sure, that the
result would have a non-arbitrary length.

> as well as the negative code from s*printf(). snprintf() does this nicely
> for us.

This one I agree with, means in the above example we may do

return sprintf(...);

if callers recognize just a sign, or

len = sprintf(...);
if (len < 0)
 return len; // -1? 0?

return 1;

otherwise.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ