lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Tue, 10 Aug 2021 14:48:26 +0200
From:   Linus Walleij <>
To:     Marc Zyngier <>
Cc:     Linux ARM <>,
        linux-kernel <>,
        Android Kernel Team <>,
        stable <>,
        Amelie Delaunay <>,
        Maxime Coquelin <>,
        Alexandre Torgue <>
Subject: Re: [PATCH] pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast

On Sun, Jul 25, 2021 at 8:08 PM Marc Zyngier <> wrote:

> Casting a small array of u8 to an unsigned long is *never* OK:
> - it does funny thing when the array size is less than that of a long,
>   as it accesses random places in the stack
> - it makes everything even more fun with a BE kernel
> Fix this by building the unsigned long used as a bitmap byte by byte,
> in a way that works across endianess and has no undefined behaviours.
> An extra BUILD_BUG_ON() catches the unlikely case where the array
> would be larger than a single unsigned long.
> Fixes: 1490d9f841b1 ("pinctrl: Add STMFX GPIO expander Pinctrl/GPIO driver")
> Signed-off-by: Marc Zyngier <>
> Cc:
> Cc: Amelie Delaunay <>
> Cc: Linus Walleij <>
> Cc: Maxime Coquelin <>
> Cc: Alexandre Torgue <>

Patch applied!

Linus Walleij

Powered by blists - more mailing lists