lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 6 Nov 2021 15:45:55 +0300
From:   Pavel Skripkin <paskripkin@...il.com>
To:     Ajay Garg <ajaygargnsit@...il.com>
Cc:     linux-serial@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] tty: vt: keyboard: initialize "kbs" so that kfree(kbs)
 runs fine even if kbs is not kmalloced.

On 11/6/21 15:16, Ajay Garg wrote:
> Hi Pavel,
> 
> Thanks for the review.
> 
>>
>> Please, don't put change log into commit message. It should go under ---
>>
> 
> Ok, many thanks Pavel.
> Will take care in all my future patches.
> 
> 
>>
>> These is only one caller of vt_do_kdgkb_ioctl, which simple does:
>>
>>
>>         case KDGKBSENT:
>>         case KDSKBSENT:
>>                 return vt_do_kdgkb_ioctl(cmd, up, perm);
>>
>> It means, that cmd can not be different from KDGKBSENT and KDSKBSENT.
>>
>> I guess, you found this "issue" via static analysis tool like smatch or
>> smth similar, but this bug is impossible right now.
>>
> 
> Yes, following was reported by smatch (amongst others) :
> vt_do_kdgkb_ioctl() error: uninitialized symbol 'kbs'.
> 
> 
> Regarding the current state, "vt_do_kdgkb_ioctl" should ideally behave
> correctly independently, without bothering whether a cmd is a valid
> one. From that perspective, it makes sense to ensure that kfree never
> crashes.
> 
> However, I don't have any strong opinions on what is right or what is
> wrong, as long as things work fine.
> 
> So, if there is a general consensus that the change should not be made
> currently, I would be ok.
> In case the change should be made, kindly let me know, I will post the
> v3 patch (making change as per the review-comment of moving changelog
> below ---).
> 
> 

I can't say if it needed or not, since I am not the maintainer. I've 
just said my thoughts on this change. It looks like you missed all 
maintainers emails in your CC list :)

└──$ ./scripts/get_maintainer.pl -f drivers/tty/vt/keyboard.c
Greg Kroah-Hartman <gregkh@...uxfoundation.org> (supporter:TTY 
LAYER,commit_signer:10/10=100%,authored:2/10=20%,added_lines:31/66=47%,removed_lines:31/59=53%)
Jiri Slaby <jirislaby@...nel.org> (supporter:TTY 
LAYER,commit_signer:6/10=60%,authored:3/10=30%,added_lines:14/66=21%,removed_lines:4/59=7%)
Andy Shevchenko <andriy.shevchenko@...ux.intel.com> 
(commit_signer:4/10=40%,authored:4/10=40%,added_lines:18/66=27%,removed_lines:21/59=36%)
Emil Renner Berthing <kernel@...il.dk> 
(commit_signer:1/10=10%,authored:1/10=10%,removed_lines:3/59=5%)
linux-kernel@...r.kernel.org (open list)


This is the list of people you need to send patches to. Please, use this 
script next time to not miss people related to your change :)


The same for your other patch.



With regards,
Pavel Skripkin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ