lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Yd1odcLqimcvSreV@smile.fi.intel.com>
Date:   Tue, 11 Jan 2022 13:22:29 +0200
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Sakari Ailus <sakari.ailus@...ux.intel.com>
Cc:     Petr Mladek <pmladek@...e.com>, linux-kernel@...r.kernel.org,
        Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH v1 1/1] vsprintf: Fix potential unaligned access

On Tue, Jan 11, 2022 at 12:54:41PM +0200, Sakari Ailus wrote:
> On Tue, Jan 11, 2022 at 12:10:28PM +0200, Andy Shevchenko wrote:
> > On Tue, Jan 11, 2022 at 12:12:46AM +0200, Sakari Ailus wrote:
> > > On Mon, Jan 10, 2022 at 10:50:49PM +0200, Andy Shevchenko wrote:
> > > > The %p4cc specifier in some cases might get an unaligned pointer.
> > > > Due to this we need to make copy to local variable once to avoid
> > > > potential crashes on some architectures due to improper access.
> > > 
> > > I guess this problem exists virtually everywhere where pointers are being
> > > handled: the pointer could be unaligned.
> > 
> > True. And my patch improves the situation.
> > See, for example, 0f70fe605fad ("hexdump: fix for non-aligned buffers").
> 
> This is different since there's no guarantee of a void pointer's alignment.
> 
> The pixelformat used for %p4cc is a pointer to u32.

Oh, look at the %p, compiler doesn't know about the %p extensions and caller
may supply whatever they want, i.e. %p may take any address that can be kept
in void *. Actual argument _is_ void *. What you put there as u32 is just
personal expectation, and not the reality.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ