lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1631609290-2830831-1-git-send-email-jiasheng@iscas.ac.cn>
Date:   Tue, 14 Sep 2021 08:48:10 +0000
From:   Jiasheng Jiang <jiasheng@...as.ac.cn>
To:     tglx@...utronix.de
Cc:     linux-kernel@...r.kernel.org
Subject: Re:Re:[PATCH 6/6] irq: Potentially 'offset out of size' bug

> On Fri, Sep 10 2021 at 03:26, Jiasheng Jiang wrote:
> The find_next_bit() use nr_irqs as size, and using it without
> any check might cause its returned value out of the sizei

On Fri, Sep 10 2021 at 18:28, tglx wrote:
> Why exactly is this a problem? The return value has to be checked at the
> call site anyway.

There is really a check at the call site, but the annotation of the 
irq_get_next_irq() is 'Returns next irq number after offset or nr_irqs 
if none is found', which tells the programmer should not check the
return value of it. In case of a programmer write a new call for the
irq_get_next_irq(), he may not check the return value because of the 
annotation said. Therefore, it had better to add the check inside of
irq_get_next_irq() to fit for the annotation.

Thanks,

        Jiasheng Jiang

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ