lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 01 Sep 2022 13:14:02 +0530
From:   Siddh Raman Pant <code@...dh.me>
To:     "Elliott, Robert (Servers)" <elliott@....com>
Cc:     "palmer@...osinc.com" <palmer@...osinc.com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "johan.hedberg@...il.com" <johan.hedberg@...il.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "linux-bluetooth@...r.kernel.org" <linux-bluetooth@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux@...osinc.com" <linux@...osinc.com>,
        "luiz.dentz@...il.com" <luiz.dentz@...il.com>,
        "marcel@...tmann.org" <marcel@...tmann.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "pabeni@...hat.com" <pabeni@...hat.com>
Subject: RE: [PATCH] Bluetooth: L2CAP: Elide a string overflow warning

On Tue, 30 Aug 2022 01:21:58 +0530  Elliott, Robert (Servers)  wrote:
> > -----Original Message-----
> > From: Siddh Raman Pant code@...dh.me>
> > Sent: Thursday, August 25, 2022 6:01 AM
> > To: palmer@...osinc.com
> > Cc: davem@...emloft.net; edumazet@...gle.com; johan.hedberg@...il.com;
> > kuba@...nel.org; linux-bluetooth@...r.kernel.org; linux-
> > kernel@...r.kernel.org; linux@...osinc.com; luiz.dentz@...il.com;
> > marcel@...tmann.org; netdev@...r.kernel.org; pabeni@...hat.com
> > Subject: Re: [PATCH] Bluetooth: L2CAP: Elide a string overflow warning
> > 
> > On Fri, 12 Aug 2022 11:22:49 +0530  Palmer Dabbelt  wrote:
> > > From: Palmer Dabbelt palmer@...osinc.com>
> > >
> > > Without this I get a string op warning related to copying from a
> > > possibly NULL pointer.  I think the warning is spurious, but it's
> > > tripping up allmodconfig.
> > 
> > I think it is not spurious, and is due to the following commit:
> > d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put")
> 
> That commit was OK - it added an "if (!c) continue" to handle if
> the value c is changed to NULL.
>  
> > The following commit fixes a similar problem (added the NULL check on line
> > 1996):
> > 332f1795ca20 ("Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression")
> 
> That commit wiped out the "if (!c) continue" path escape clause
> from the previous patch, introducing a path back to code that
> doesn't check for NULL:

You are correct, thanks for clarifying. Sorry for getting it reversed.

So I think this patch can be modified to just introduce back the escape
clause rather than having an extra indentation.

Thanks,
Siddh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ