lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 5 Jul 2019 14:14:55 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     zhengbin <zhengbin13@...wei.com>
cc:     john.stultz@...aro.org, sboyd@...nel.org,
        linux-kernel@...r.kernel.org, yi.zhang@...wei.com,
        zhangxiaoxu5@...wei.com
Subject: Re: [PATCH] time: compat settimeofday: Validate the values of tv
 from user

Zhengbin,

On Fri, 5 Jul 2019, zhengbin wrote:

> Similar to commit 6ada1fc0e1c4
> ("time: settimeofday: Validate the values of tv from user"),
> an unvalidated user input is multiplied by a constant, which can result
> in an undefined behaviour for large values. While this is validated
> later, we should avoid triggering undefined behaviour.

I surely agree with the patch, but the argument that this is validated
later and we just should avoid UB in general is just wrong.

For a wide range of negative tv_usec values the multiplication overflow
turns them in positive numbers. So the 'validated later' is not catching
the invalid input.

So 'should avoid ....' is just the wrong argument here.

Validation _is_ required before the multiplication so UB won't turn an
invalid value into a valid one.

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ