lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 03 Jul 2020 12:59:33 -0700 (PDT)
From:   David Miller <>
Subject: Re: [PATCH net] net: qed: prevent buffer overflow when collecting
 debug data

From: Alexander Lobakin <>
Date: Fri, 3 Jul 2020 12:02:58 +0300

> When generating debug dump, driver firstly collects all data in binary
> form, and then performs per-feature formatting to human-readable if it
> is supported.
> The size of the new formatted data is often larger than the raw's. This
> becomes critical when user requests dump via ethtool (-d/-w), as output
> buffer size is strictly determined (by ethtool_ops::get_regs_len() etc),
> as it may lead to out-of-bounds writes and memory corruption.
> To not go past initial lengths, add a flag to return original,
> non-formatted debug data, and set it in such cases. Also set data type
> in regdump headers, so userland parsers could handle it.
> Fixes: c965db444629 ("qed: Add support for debug data collection")
> Signed-off-by: Alexander Lobakin <>
> Signed-off-by: Igor Russkikh <>

This is now how ethtool register dumps work.

It does not provide "human readable" versions of register data.  Instead
it is supposed to be purely raw data and then userland utilities interpret
that data and can make it human readable based upon the driver name and
reg dump version.

Please fix your ethtool -d implementation to comply with this.

Thank you.

Powered by blists - more mailing lists