lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1580055504.4964.2.camel@linux.ibm.com>
Date:   Sun, 26 Jan 2020 08:18:24 -0800
From:   James Bottomley <jejb@...ux.ibm.com>
To:     Colin King <colin.king@...onical.com>,
        "Martin K . Petersen" <martin.petersen@...cle.com>,
        linux-scsi@...r.kernel.org
Cc:     kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] scsi: mvsas: ensure loop counter phy_no  does not wrap
 and cause an infinite loop

On Sun, 2020-01-26 at 15:17 +0000, Colin King wrote:
> From: Colin Ian King <colin.king@...onical.com>
> 
> The loop counter phy_no is a u8 where as the upper limit of the loop
> is a u32. In the event that upper limit is greater than 255 we end
> up with an infinite loop since phy_no will wrap around an never reach
> upper loop limit. Fix this by making phy_no a u32.

This value is limited to MVS_MAX_PHYS (i.e. 8) so I don't see where the
concern comes from.  If we were ever to overrun that, we'd corrupt the
chip info structure, because it only allows MVS_MAX_PHYS for the amount
of space.

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ