lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Yt59LiHs3gWNpNW1@zn.tnic>
Date:   Mon, 25 Jul 2022 13:23:26 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Robert Richter <rric@...nel.org>, Toshi Kani <toshi.kani@....com>
Cc:     mchehab@...nel.org, elliott@....com, linux-edac@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] EDAC/ghes: Fix buffer overflow in ghes_edac_register()

On Mon, Jul 25, 2022 at 01:09:11PM +0200, Robert Richter wrote:
> I see now, what you mean here, may be change this:
> 
> 	snprintf(dimm->label, sizeof(dimm->label), "%s %s",
> 		 (bank && *bank) ? bank : "N/A",
> 		 (device && *device) ? device : "N/A");
> 
> to:
> 
> 	snprintf(dimm->label, sizeof(dimm->label), "%s%s%s",
> 		 (bank && *bank) ? bank : "",
> 		 (bank && device) ? " " : "",
> 		 (device && *device) ? device : "");
> 
> It keeps the default assignment from edac_mc_alloc_dimms() but changes
> we label if one of bank or device is given.

Yap, that should take care of all possible "configurations" BIOS throws
at us.

Toshi, could you pls add this to the fix and test it on your machine to
make sure it still works as expected?

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ