lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 20 May 2021 10:35:43 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Richard Fitzgerald <rf@...nsource.cirrus.com>
Cc:     rostedt@...dmis.org, sergey.senozhatsky@...il.com,
        andriy.shevchenko@...ux.intel.com, linux@...musvillemoes.dk,
        shuah@...nel.org, linux-kernel@...r.kernel.org,
        linux-kselftest@...r.kernel.org, patches@...nsource.cirrus.com
Subject: Re: [PATCH v8 RESEND 1/4] lib: vsprintf: scanf: Negative number must
 have field width > 1

On Fri 2021-05-14 17:12:03, Richard Fitzgerald wrote:
> If a signed number field starts with a '-' the field width must be > 1,
> or unlimited, to allow at least one digit after the '-'.
> 
> This patch adds a check for this. If a signed field starts with '-'
> and field_width == 1 the scanf will quit.
> 
> It is ok for a signed number field to have a field width of 1 if it
> starts with a digit. In that case the single digit can be converted.
> 
> Signed-off-by: Richard Fitzgerald <rf@...nsource.cirrus.com>
> Reviewed-by: Petr Mladek <pmladek@...e.com>
> Acked-by: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>

The entrire patchset has been committed into print/linux.git,
branch for-5.14-vsprintf-scanf.

Thanks for reminder. I am sorry. It somehow fallen from my radar.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ