| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Aug 2023 15:15:28 +0100
From: Bryan O'Donoghue <bryan.odonoghue@...aro.org>
To: Vikash Garodia <quic_vgarodia@...cinc.com>,
stanimir.k.varbanov@...il.com, agross@...nel.org,
andersson@...nel.org, konrad.dybcio@...aro.org, mchehab@...nel.org,
hans.verkuil@...co.com, tfiga@...omium.org
Cc: linux-media@...r.kernel.org, linux-arm-msm@...r.kernel.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v2 4/4] venus: hfi_parser: Add check to keep the number of
codecs within range
On 14/08/2023 07:34, Vikash Garodia wrote:
>> We have two loops that check for up to 32 indexes per loop. Why not have a
>> capabilities index that can accommodate all 64 bits ?
> Max codecs supported can be 32, which is also a very high number. At max the
> hardware supports 5-6 codecs, including both decoder and encoder. 64 indices is
> would not be needed.
>
But the bug you are fixing here is an overflow where we have received a
full range 32 bit for each decode and encode.
How is the right fix not to extend the storage to the maximum possible 2
x 32 ? Or indeed why not constrain the input data to 32/2 for each
encode/decode path ?
The bug here is that we can copy two arrays of size X into one array of
size X.
Please consider expanding the size of the storage array to accommodate
the full size the protocol supports 2 x 32.
---
bod
Powered by blists - more mailing lists