lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 27 Oct 2021 23:16:46 +0900
From:   Masami Hiramatsu <mhiramat@...nel.org>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] bootconfig: Fix to initialize 'ret' local variable

On Wed, 27 Oct 2021 10:01:26 -0400
Steven Rostedt <rostedt@...dmis.org> wrote:

> On Wed, 27 Oct 2021 22:54:28 +0900
> Masami Hiramatsu <mhiramat@...nel.org> wrote:
> 
> > Fix xbc_parse_tree() to initialize the 'ret' local variable
> > before referring in the loop.
> > 
> > Reported-by: kernel test robot <lkp@...el.com>
> > Reported-by: Andrew Morton <akpm@...ux-foundation.org>
> > Fixes: f3668cde8562 ("bootconfig: Split parse-tree part from xbc_init")
> > Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> 
> Heh, I just sent the exact same thing. But you have the wrong fixes tag I
> believe. As that change just moved the code, but the original location had
> the same issue I believe.

No, the original code uses the 'ret' for checking strlen().

+int __init xbc_init(char *buf)
+{
+       char *p, *q;
+       int ret, c;
+
+       if (xbc_data)
+               return -EBUSY;
+
+       ret = strlen(buf);
+       if (ret > XBC_DATA_MAX - 1 || ret == 0)
+               return -ERANGE;
+

OK, but my tag is also wrong, since this strlen() has been removed by
commit bdac5c2b243f ("bootconfig: Allocate xbc_data inside xbc_init()")

So the correct tag is 

Fixes: bdac5c2b243f ("bootconfig: Allocate xbc_data inside xbc_init()")

> 
> I'm fine taking yours instead. But I'd like to update the text explaining
> how the ret can be uninitialized and what happens if we set it to zero.

Yeah, I'm also good for both, but the Fixes tag must be updated.

Thank you,

> 
> -- Steve
> 
> 
> > ---
> >  lib/bootconfig.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/lib/bootconfig.c b/lib/bootconfig.c
> > index a10ab25f6fcc..70e0d52ffd24 100644
> > --- a/lib/bootconfig.c
> > +++ b/lib/bootconfig.c
> > @@ -836,7 +836,7 @@ static int __init xbc_verify_tree(void)
> >  static int __init xbc_parse_tree(void)
> >  {
> >  	char *p, *q;
> > -	int ret, c;
> > +	int ret = 0, c;
> >  
> >  	last_parent = NULL;
> >  	p = xbc_data;
> 


-- 
Masami Hiramatsu <mhiramat@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ