lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 22 Aug 2020 09:40:59 -0700
From:   Markus Mayer <mmayer@...adcom.com>
To:     Krzysztof Kozlowski <krzk@...nel.org>
Cc:     Florian Fainelli <f.fainelli@...il.com>,
        Colin Ian King <colin.king@...onical.com>,
        BCM Kernel Feedback <bcm-kernel-feedback-list@...adcom.com>,
        Linux ARM Kernel <linux-arm-kernel@...ts.infradead.org>,
        Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] memory: brcmstb_dpfe: fix array index out of bounds

On Sat, 22 Aug 2020 at 04:56, Krzysztof Kozlowski <krzk@...nel.org> wrote:
>
> On Fri, Aug 21, 2020 at 09:52:21AM -0700, Markus Mayer wrote:
> > We would overrun the error_text array if we hit a TIMEOUT condition,
> > because we were using the error code "ETIMEDOUT" (which is 110) as an
> > array index.
> >
> > We fix the problem by correcting the array index and by providing a
> > function to retrieve error messages rather than accessing the array
> > directly. The function includes a bounds check that prevents the array
> > from being overrun.
> >
> > This patch was prepared in response to
> >     https://lkml.org/lkml/2020/8/18/505.
> >
> > Signed-off-by: Markus Mayer <mmayer@...adcom.com>
>
> Your Signed-off-by does not match From field. Please run
> scripts/checkpatch on every patch you send.
>
> I fixed it up, assuming markus.mayer@...adcom.com is the valid email
> address.

No. I have always been using mmayer@...adcom.com since it is shorter.
That's also what's in the MAINTAINERS file. Please change it back. I
accidentally used the long form for one of my e-mail replies which is
where the confusion must have originated.

> > Acked-by: Florian Fainelli <f.fainelli@...il.com>
> > ---
> >
> > Changes since v1:
> >     - Added link of the coverity report to the commit message.
> >     - Added Florian's ack.
> >     - Removed second "const" from get_error_text() return type
>
> Florian was so kind to provide you with necessary tags - Fixes and
> Reported-by. Always include them on resubmit of patches.

I missed those. Thanks for catching it.

Regards,
-Markus



> Thanks, applied.
>
> Best regards,
> Krzysztof
>

Powered by blists - more mailing lists