| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Feb 2021 08:40:29 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: karthik alapati <mail@...thek.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Mukul Mehar <mukulmehar02@...il.com>,
devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: wimax: fix sparse incorrect type issue
On Sat, Feb 20, 2021 at 05:04:00PM +0530, karthik alapati wrote:
> fix sparse warning by casting to explicit user address-space
> pointer type
>
> Signed-off-by: karthik alapati <mail@...thek.com>
> ---
> drivers/staging/wlan-ng/p80211netdev.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/wlan-ng/p80211netdev.c b/drivers/staging/wlan-ng/p80211netdev.c
> index 6f9666dc0..70570e8a5 100644
> --- a/drivers/staging/wlan-ng/p80211netdev.c
> +++ b/drivers/staging/wlan-ng/p80211netdev.c
> @@ -569,7 +569,7 @@ static int p80211knetdev_do_ioctl(struct net_device *dev,
> goto bail;
> }
>
> - msgbuf = memdup_user(req->data, req->len);
> + msgbuf = memdup_user((void __user *)req->data, req->len);
This doesn't fix anything it just silences the warning. Linus Torvalds
worked very hard to create Sparse for the express purpose of printing
the warning. People don't realize that warnings are very valuable
because they show where the bugs are.
Please look at this some more and figure out how to fix the warning.
To be honest, I'm tempted to not accept any patch which doesn't also fix
the buffer overflows when we pass:
result = p80211req_dorequest(wlandev, msgbuf);
How do we know that "msgbuf" is large enough?
regards,
dan carpenter
Powered by blists - more mailing lists