lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 7 Feb 2019 13:39:13 +0100
From:   Mattias Jacobsson <2pi@....nu>
To:     Andy Shevchenko <andy.shevchenko@...il.com>
CC:     Masahiro Yamada <yamada.masahiro@...ionext.com>,
        <michal.lkml@...kovi.net>, Darren Hart <dvhart@...radead.org>,
        "Andy Shevchenko" <andy@...radead.org>,
        Pali Rohár <pali.rohar@...il.com>,
        Platform Driver <platform-driver-x86@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        <2pi@....nu>
Subject: Re: [PATCH v3 2/3] platform/x86: wmi: add WMI support to
 MODULE_DEVICE_TABLE()

On 2019-02-05, Andy Shevchenko wrote:
> On Sun, Feb 3, 2019 at 9:04 PM Mattias Jacobsson <2pi@....nu> wrote:
> > On 2019-01-30, Andy Shevchenko wrote:
> > > On Wed, Jan 30, 2019 at 5:15 PM Mattias Jacobsson <2pi@....nu> wrote:
> 
> > > > +       if (len < 0 || len >= 500) {
> > >
> > > Would it even possible to get a negative number here?
> > > Same for any other number than slightly bigger than 36.
> >
> > snprintf returns a negative number on error. BTW AFAIU the code from
> > file2alias.c gets dynamically linked against a libc.
> 
> OK.
> 
> > > So, what about simple
> > >
> > > {
> > >  DEF_FIELD_ADDR(...);
> > >  size_t len;
> > >
> > >  len = strlen(*guid_string);
> > >  if (len != ...) {
> > >   ...
> > >  }
> > > sprintf(...);
> > > return 1;
> > > }
> > >
> > > ?
> >
> > Then we are missing the check that we are within the bounds of alias
> 
> I don't see how. By checking a length of string we be sure, that the
> result would have a non-arbitrary length.

If you do s/500/ALIAS_SIZE/ on the patch? My code is written with that
in mind, I guess that wasn't totally clear.

BTW I've posted [1] to introduce the ALIAS_SIZE macro.

[1]: https://lore.kernel.org/lkml/20190207123022.7961-1-2pi@mok.nu/

> 
> > as well as the negative code from s*printf(). snprintf() does this nicely
> > for us.
> 
> This one I agree with, means in the above example we may do
> 
> return sprintf(...);
> 
> if callers recognize just a sign, or
> 
> len = sprintf(...);
> if (len < 0)
>  return len; // -1? 0?
> 
> return 1;
> 
> otherwise.

Great

> 
> -- 
> With Best Regards,
> Andy Shevchenko

Thanks,
Mattias

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ