lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20190211154928.6c99e4f2@gandalf.local.home>
Date:   Mon, 11 Feb 2019 15:49:28 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Andreas Ziegler <andreas.ziegler@....de>
Cc:     Ingo Molnar <mingo@...hat.com>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 RESEND] tracing: probeevent: Correctly update
 remaining space in dynamic area

On Wed,  6 Feb 2019 20:00:13 +0100
Andreas Ziegler <andreas.ziegler@....de> wrote:

> Commit 9178412ddf5a ("tracing: probeevent: Return consumed
> bytes of dynamic area") improved the string fetching
> mechanism by returning the number of required bytes after
> copying the argument to the dynamic area. However, this
> return value is now only used to increment the pointer
> inside the dynamic area but misses updating the 'maxlen'
> variable which indicates the remaining space in the dynamic
> area.
> 
> This means that fetch_store_string() always reads the *total*
> size of the dynamic area from the data_loc pointer instead of
> the *remaining* size (and passes it along to
> strncpy_from_{user,unsafe}) even if we're already about to
> copy data into the middle of the dynamic area.
> 
> Fixes: 9178412ddf5a ("tracing: probeevent: Return consumed bytes of dynamic area")
> Signed-off-by: Andreas Ziegler <andreas.ziegler@....de>
> Acked-by: Masami Hiramatsu <mhiramat@...nel.org>
> ---
>

I applied it and will start testing it. But just an FYI, please send
new versions of a patch as a separate thread. Sending it as a reply to
is likely to have it get missed, as maintainers usually search their
inboxes threaded, and only look at patches that are the start of a
thread. I just happened to have this one marked to look at.

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ