| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <603ee7f3-aba4-de45-9bf3-8fe70fa2c638@huawei.com>
Date: Fri, 12 Apr 2019 22:38:09 +0800
From: Gao Xiang <gaoxiang25@...wei.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
CC: Chao Yu <yuchao0@...wei.com>, Ming Lei <ming.lei@...hat.com>,
"Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
<devel@...verdev.osuosl.org>, <linux-erofs@...ts.ozlabs.org>,
Chao Yu <chao@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
<weidu.du@...wei.com>, Fang Wei <fangwei1@...wei.com>,
Miao Xie <miaoxie@...wei.com>
Subject: Re: [PATCH v2] staging: erofs: fix unexpected out-of-bound data
access
On 2019/4/12 21:51, Dan Carpenter wrote:
> On Fri, Apr 12, 2019 at 05:53:14PM +0800, Gao Xiang wrote:
>> Unexpected out-of-bound data will be read in erofs_read_raw_page
>> after commit 07173c3ec276 ("block: enable multipage bvecs") since
>> one iovec could have multiple pages.
>>
>> Let's fix as what Ming's pointed out in the previous email [1].
>>
>> [1] https://lore.kernel.org/lkml/20190411080953.GE421@ming.t460p/
>>
>
> Please also use the Fixes tag.
>
> Fixes: 07173c3ec276 ("block: enable multipage bvecs")
Thanks for reminder. Maybe Greg could add this line...
Thanks,
Gao Xiang
>
>> Suggested-by: Ming Lei <ming.lei@...hat.com>
>> Reviewed-by: Chao Yu <yuchao0@...wei.com>
>> Signed-off-by: Gao Xiang <gaoxiang25@...wei.com>
>
> regards,
> dan carpenter
>
Powered by blists - more mailing lists