lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 11 Oct 2021 10:29:46 -0500
From:   Mike Christie <michael.christie@...cle.com>
To:     Ulrich Windl <Ulrich.Windl@...uni-regensburg.de>,
        jejb@...ux.ibm.com, martin.petersen@...cle.com,
        Chris Leech <cleech@...hat.com>, qtxuning1999@...u.edu.cn,
        Lee Duncan <lduncan@...e.com>
Cc:     open-iscsi <open-iscsi@...glegroups.com>,
        linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org
Subject: Re: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse
 of %llu in scsi_transport_iscsi.c

On 10/11/21 1:35 AM, Ulrich Windl wrote:
>>>> Joe Perches <joe@...ches.com> schrieb am 09.10.2021 um 05:14 in Nachricht
> <5daf69b365e23ceecee911c4d0f2f66a0b9ec95c.camel@...ches.com>:
>> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>>> Pointers should be printed with %p or %px rather than
>>> cast to (unsigned long long) and printed with %llu.
>>> Change %llu to %p to print the pointer into sysfs.
>> ][]
>>> diff --git a/drivers/scsi/scsi_transport_iscsi.c 
>> b/drivers/scsi/scsi_transport_iscsi.c
>> []
>>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct 
>> device_attribute *attr,
>>>  
>>>
>>>  	if (!capable(CAP_SYS_ADMIN))
>>>  		return -EACCES;
>>> -	return sysfs_emit(buf, "%llu\n",
>>> -		  (unsigned long long)iscsi_handle(priv->iscsi_transport));
>>> +	return sysfs_emit(buf, "%p\n",
>>> +		iscsi_ptr(priv->iscsi_transport));
>>
>> iscsi_transport is a pointer isn't it?
>>
>> so why not just
>>
>> 	return sysfs_emit(buf, "%p\n", priv->iscsi_transport);
> 
> Isn't the difference that %p outputs hex, while %u outputs decimal?
> 

Yeah, I think this patch will break userspace, because it doesn't know it's
a pointer. It could be doing:

sscanf(str, "%llu", &val);

The value is just later passed back to the kernel to look up a driver in
iscsi_if_transport_lookup:

        list_for_each_entry(priv, &iscsi_transports, list) {
                if (tt == priv->iscsi_transport) {

so we could just replace priv->transport with an int and use an ida to assign
the value.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ