| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211007133541.GC2048@kadam>
Date: Thu, 7 Oct 2021 16:35:41 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Namjae Jeon <linkinjeon@...nel.org>
Cc: Colin King <colin.king@...onical.com>,
Sergey Senozhatsky <senozhatsky@...omium.org>,
Steve French <sfrench@...ba.org>,
Hyunchul Lee <hyc.lee@...il.com>,
Ronnie Sahlberg <lsahlber@...hat.com>,
linux-cifs@...r.kernel.org, kernel-janitors@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH][next] cifsd: Fix a less than zero comparison with the
unsigned int nbytes
On Thu, Oct 07, 2021 at 09:37:04PM +0900, Namjae Jeon wrote:
> 2021-10-07 20:47 GMT+09:00, Colin King <colin.king@...onical.com>:
> >
> > Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
> I think that this alarm is caused by b66732021c64 (ksmbd: add
> validation in smb2_ioctl).
> Fixes tag may be not needed. Because b66732021c64 patch is not applied
> to Linus' tree yet ?
If you are going to modify the commit to include this fix then that's
fine. Otherise if you are going to apply this commit then the Fixes
tag is still required.
The fixes tag saves time for backporters because they can automatically
rule out that this patch needs to be backported. Or if they backport
commit b66732021c64 then they know they have to backport the fix as
well.
Also the Fixes tag is used for other purposes besides backporting.
It helps review. It's also an interesting metric to measure how long
between the bug is introduced and the fix is applied.
regards,
dan carpenter
Powered by blists - more mailing lists