lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAJ5zXr0_QE6JLZ+rGeoaETexqvhS7LXdtAH3fqpZ=i1zxQJUYg@mail.gmail.com>
Date:   Mon, 22 Feb 2021 11:31:48 +0530
From:   karthek <mail@...thek.com>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Mukul Mehar <mukulmehar02@...il.com>,
        devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: wimax: fix sparse incorrect type issue

On Mon, Feb 22, 2021 at 11:10 AM Dan Carpenter <dan.carpenter@...cle.com> wrote:
>
> On Sat, Feb 20, 2021 at 05:04:00PM +0530, karthik alapati wrote:
> > fix sparse warning by casting to explicit user address-space
> > pointer type
> >
> > Signed-off-by: karthik alapati <mail@...thek.com>
> > ---
> >  drivers/staging/wlan-ng/p80211netdev.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/staging/wlan-ng/p80211netdev.c b/drivers/staging/wlan-ng/p80211netdev.c
> > index 6f9666dc0..70570e8a5 100644
> > --- a/drivers/staging/wlan-ng/p80211netdev.c
> > +++ b/drivers/staging/wlan-ng/p80211netdev.c
> > @@ -569,7 +569,7 @@ static int p80211knetdev_do_ioctl(struct net_device *dev,
> >               goto bail;
> >       }
> >
> > -     msgbuf = memdup_user(req->data, req->len);
> > +     msgbuf = memdup_user((void __user *)req->data, req->len);
>
> This doesn't fix anything it just silences the warning.  Linus Torvalds
> worked very hard to create Sparse for the express purpose of printing
> the warning.  People don't realize that warnings are very valuable
> because they show where the bugs are.
>
> Please look at this some more and figure out how to fix the warning.
>
> To be honest, I'm tempted to not accept any patch which doesn't also fix
> the buffer overflows when we pass:
>
>         result = p80211req_dorequest(wlandev, msgbuf);
>
> How do we know that "msgbuf" is large enough?
>
> regards,
> dan carpenter
>

Thanks dan but right after sending this patch i immediately replied to
it stating
to ignore this patch as i found this already applied in staging-testing branch
https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?h=staging-testing&id=3a8a144d2a754df45127c74e273fa166f690ba43

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ