| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <748e3619-6569-2f71-7ed1-f67225892e14@squashfs.org.uk>
Date: Fri, 17 Nov 2023 02:17:33 +0000
From: Phillip Lougher <phillip@...ashfs.org.uk>
To: Andrew Morton <akpm@...ux-foundation.org>,
Lizhi Xu <lizhi.xu@...driver.com>
Cc: syzbot+32d3767580a1ea339a81@...kaller.appspotmail.com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
squashfs-devel@...ts.sourceforge.net,
syzkaller-bugs@...glegroups.com
Subject: Re: [PATCH] squashfs: squashfs_read_data need to check if the length
is 0
On 16/11/2023 21:43, Andrew Morton wrote:
> On Thu, 16 Nov 2023 11:13:52 +0800 Lizhi Xu <lizhi.xu@...driver.com> wrote:
>
>> when the length passed in is 0, the subsequent process should be exited.
>
> Thanks, but when fixing a bug, please always describe the runtime
> effects of that bug. Amongst other things, other people need this
> information to be able to decide which kernel versions need patching.
>
>> Reported-by: syzbot+32d3767580a1ea339a81@...kaller.appspotmail.com
>
> Which is a reason why we're now adding the "Closes:" tag after
> Reported-by:.
Which is also one reason why you should always run scripts/checkpatch.pl
on your patch. This alerted me to the need for a "Closes:" tag
after Reported-by: on the last patch I sent.
>
> I googled the sysbot email address and so added
>
> Closes: https://lkml.kernel.org/r/0000000000000526f2060a30a085@google.com
>
> to the changelog.
Thanks. That is indeed the sysbot issue that the patch fixes.
>
> I'll assume that a -stable kernel backport is needed.
>
>
Yes.
Phillip
Powered by blists - more mailing lists