| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y9+fYuixrjGnkReH@p183>
Date: Sun, 5 Feb 2023 15:21:54 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Chao Yu <chao@...nel.org>, viro@...iv.linux.org.uk,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH 1/2] proc: fix to check name length in proc_lookup_de()
On Thu, Feb 02, 2023 at 03:41:54PM -0800, Andrew Morton wrote:
> On Wed, 1 Feb 2023 21:01:14 +0800 Chao Yu <chao@...nel.org> wrote:
>
> > Hi Andrew,
> >
> > Could you please take a look at this patchset? Or should I ping
> > Alexey Dobriyan?
> >
>
> [patch 1/2]: Alexey wasn't keen on the v1 patch. What changed?
Nothing! /proc lived without this check for 30 years:
int proc_match(int len,const char * name,struct proc_dir_entry * de)
{
register int same __asm__("ax");
if (!de || !de->low_ino)
return 0;
/* "" means "." ---> so paths like "/usr/lib//libc.a" work */
if (!len && (de->name[0]=='.') && (de->name[1]=='\0'))
return 1;
if (de->namelen != len)
return 0;
__asm__("cld\n\t"
"repe ; cmpsb\n\t"
"setz %%al"
:"=a" (same)
:"0" (0),"S" ((long) name),"D" ((long) de->name),"c" (len)
:"cx","di","si");
return same;
}
Powered by blists - more mailing lists