lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200427225944.185d4431@gandalf.local.home>
Date:   Mon, 27 Apr 2020 22:59:44 -0400
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Gavin Shan <gshan@...hat.com>
Cc:     Mark Rutland <mark.rutland@....com>, catalin.marinas@....com,
        linux-kernel@...r.kernel.org, shan.gavin@...il.com,
        will@...nel.org, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] arm64/mm: Reject invalid NUMA option

On Mon, 27 Apr 2020 22:54:06 -0400
Steven Rostedt <rostedt@...dmis.org> wrote:

> On Tue, 28 Apr 2020 10:59:14 +1000
> Gavin Shan <gshan@...hat.com> wrote:
> 
> > Hi Mark,
> > 
> > On 4/24/20 8:11 PM, Mark Rutland wrote:  
> > > [Adding Steve, who added str_has_prefix()]
> > > 
> > > On Fri, Apr 24, 2020 at 02:53:14PM +1000, Gavin Shan wrote:    
> > >> The NUMA option is parsed by str_has_prefix() and the invalid option
> > >> like "numa=o" can be regarded as "numa=off" wrongly.    
> > > 
> > > Are you certain that can pass? If that can happen, str_has_prefix() is
> > > misnamed and does not seem to do what its kerneldoc says it does, as
> > > "off" is not a prefix of "o".
> > >     
> > 
> > Yes, It's possible. str_has_prefix() depends on strncmp(). In this particular
> > case, it's equal to the snippet of code as below: strncmp() returns zero.
> > str_has_prefix() returns 3.  
> 
> Wait! strncmp("o", "off", 3) returns zero?
> 
> That to me looks like a bug!
> 
> This means str_has_prefix() is broken in other areas as well.
> 
> 
> > 
> > int strncmp(const char *cs, const char *ct, size_t count)
> > {
> >          unsigned char c1, c2;
> > 
> >          while (count) {
> >                  c1 = *cs++;
> >                  c2 = *ct++;
> >                  if (c1 != c2)
> >                          return c1 < c2 ? -1 : 1;
> >                  if (!c1)                             /* break after first character is compared */  
> 
> Crap! That is totally wrong!

Looking at this again, it's not wrong. But how did we get here if c2 isn't
zero as well?

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ