lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 4 Sep 2023 12:44:56 +0300
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     Edward AD <eadavis@...a.com>,
        syzbot+85792f3143e6271d2c97@...kaller.appspotmail.com,
        linux-kernel@...r.kernel.org, rafael@...nel.org,
        syzkaller-bugs@...glegroups.com
Subject: Re: [PATCH] kobject: fix kobj and fmt are both null

On Sun, Sep 03, 2023 at 02:54:53PM +0200, Greg KH wrote:
> On Sun, Sep 03, 2023 at 08:42:31PM +0800, Edward AD wrote:
> > If kobj and fmt are both NULL, it will cause an exception in kvasprintf_const,
> > then when this situation occurs, -EINVAL is directly returned.
> 
> How can this happen?  Are there any in-kernel users that cause this to
> occur?

Theoretically anything which uses

	dev_set_name(dev, dev_name(dev));

is affected, but practically it happens only when _previous_ dev_set_name()
fails, which _only_ may happen due to fault injection.

> If so, which ones, why not fix that?

In any case the real fix is here:
https://lore.kernel.org/all/20230828145824.3895288-1-andriy.shevchenko@linux.intel.com/

> And your description isn't quite correct here, you are not checking for
> kobj, but rather kobj->name.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ