| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Oct 2019 19:02:08 +0800
From: Walter Wu <walter-zh.wu@...iatek.com>
To: Qian Cai <cai@....pw>
CC: Dmitry Vyukov <dvyukov@...gle.com>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Matthias Brugger <matthias.bgg@...il.com>,
LKML <linux-kernel@...r.kernel.org>,
kasan-dev <kasan-dev@...glegroups.com>,
Linux-MM <linux-mm@...ck.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
<linux-mediatek@...ts.infradead.org>,
wsd_upstream <wsd_upstream@...iatek.com>
Subject: Re: [PATCH] kasan: fix the missing underflow in memmove and memcpy
with CONFIG_KASAN_GENERIC=y
On Tue, 2019-10-08 at 05:47 -0400, Qian Cai wrote:
>
> > On Oct 8, 2019, at 2:16 AM, Walter Wu <walter-zh.wu@...iatek.com> wrote:
> >
> > It is an undefined behavior to pass a negative numbers to
> > memset()/memcpy()/memmove(), so need to be detected by KASAN.
>
> Why can’t this be detected by UBSAN?
I don't know very well in UBSAN, but I try to build ubsan kernel and
test a negative number in memset and kmalloc_memmove_invalid_size(), it
look like no check.
Powered by blists - more mailing lists