lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <603ee7f3-aba4-de45-9bf3-8fe70fa2c638@huawei.com> Date: Fri, 12 Apr 2019 22:38:09 +0800 From: Gao Xiang <gaoxiang25@...wei.com> To: Dan Carpenter <dan.carpenter@...cle.com> CC: Chao Yu <yuchao0@...wei.com>, Ming Lei <ming.lei@...hat.com>, "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>, <devel@...verdev.osuosl.org>, <linux-erofs@...ts.ozlabs.org>, Chao Yu <chao@...nel.org>, LKML <linux-kernel@...r.kernel.org>, <weidu.du@...wei.com>, Fang Wei <fangwei1@...wei.com>, Miao Xie <miaoxie@...wei.com> Subject: Re: [PATCH v2] staging: erofs: fix unexpected out-of-bound data access On 2019/4/12 21:51, Dan Carpenter wrote: > On Fri, Apr 12, 2019 at 05:53:14PM +0800, Gao Xiang wrote: >> Unexpected out-of-bound data will be read in erofs_read_raw_page >> after commit 07173c3ec276 ("block: enable multipage bvecs") since >> one iovec could have multiple pages. >> >> Let's fix as what Ming's pointed out in the previous email [1]. >> >> [1] https://lore.kernel.org/lkml/20190411080953.GE421@ming.t460p/ >> > > Please also use the Fixes tag. > > Fixes: 07173c3ec276 ("block: enable multipage bvecs") Thanks for reminder. Maybe Greg could add this line... Thanks, Gao Xiang > >> Suggested-by: Ming Lei <ming.lei@...hat.com> >> Reviewed-by: Chao Yu <yuchao0@...wei.com> >> Signed-off-by: Gao Xiang <gaoxiang25@...wei.com> > > regards, > dan carpenter >
Powered by blists - more mailing lists