lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Sun, 21 Feb 2021 10:51:47 +0530
From:   Atul Gopinathan <atulgopinathan@...il.com>
To:     "Gustavo A. R. Silva" <gustavo@...eddedor.com>,
        gregkh@...uxfoundation.org
Cc:     tiwai@...e.de, devel@...verdev.osuosl.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] staging: rtl8192e: Pass array value to memcpy
 instead of struct pointer

On Sat, Feb 20, 2021 at 12:34:15PM -0600, Gustavo A. R. Silva wrote:
> 
> 
> On 2/20/21 12:21, Atul Gopinathan wrote:
> > The variable "info_element" is of the following type:
> > struct rtllib_info_element *info_element
> > 
> > rtllib_info_element is a struct containing the following fields as
> > defined in drivers/staging/rtl8192e/rtllib.h:
> > 
> > struct rtllib_info_element {
> >         u8 id;
> >         u8 len;
> >         u8 data[];
> > } __packed;
> > 
> > The following code of interest (to which this patch applies) is
> > supposed to check if the "info_element->len" is greater than 4 and
> > equal to 6, if this is satisfied then, the last two bytes (the
> > 4th and 5th index of u8 "data" array) are copied into
> > "network->CcxRmState".
> > 
> > Currently the code uses "memcpy()" with the source as
> > "&info_element[4]" which would copy in wrong and unintended
> > information.
> > 
> > This patch rectifies this error by using "&info_element->data[4]" which
> > rightly copies the last two bytes as the required state information.
> 
> You should include a 'Fixes' tag for this.

Sure! Will resend the patches.
I have a doubt about the Fixes tag, the previous commit pertaining to the
lines I'm modifying is a checkpatch.pl fix (found using simple "git blame").
Should I write that as the Fixes <Commit ID>? Or should I write in the
commit id which created that file and hence, that specific line?

git blame -L1960,1980 -- rtllib_rx.c -> returns a single commit which
was a checkpatch fix (1970, is the line my patch-1 modifies)

git log -S'&info_element[4]' -- rtllib_rx.c -> returned the commit which
created the file (the file which my patch-1 modifies)

Which one should I write in the Fixes tag?

Thanks!
Atul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ