| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YA6jr+Fs2+ozoVwr@alley>
Date: Mon, 25 Jan 2021 11:55:43 +0100
From: Petr Mladek <pmladek@...e.com>
To: John Ogness <john.ogness@...utronix.de>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Sven Schnelle <svens@...ux.ibm.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] printk: fix string termination for record_print_text()
On Sun 2021-01-24 21:33:28, John Ogness wrote:
> Commit f0e386ee0c0b ("printk: fix buffer overflow potential for
> print_text()") added string termination in record_print_text().
> However it used the wrong base pointer for adding the terminator.
> This led to a 0-byte being written somewhere beyond the buffer.
>
> Use the correct base pointer when adding the terminator.
>
> Fixes: f0e386ee0c0b ("printk: fix buffer overflow potential for print_text()")
> Reported-by: Sven Schnelle <svens@...ux.ibm.com>
> Signed-off-by: John Ogness <john.ogness@...utronix.de>
The patch is pushed in kernel/printk.git, branch printk-rework.
I am going to send pull request for-5.11 later today.
Thanks a lot for the debugging and quick fix. I feel shame that
I did not caught this during the review.
Best Regards,
Petr
Powered by blists - more mailing lists