lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Jan 2024 23:19:28 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Hugo Villeneuve <hugo@...ovil.com>
Cc: Rengarajan S <rengarajan.s@...rochip.com>,
	Kumaravel Thiagarajan <kumaravel.thiagarajan@...rochip.com>,
	Tharun Kumar P <tharunkumar.pasumarthi@...rochip.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jiri Slaby <jirislaby@...nel.org>, linux-serial@...r.kernel.org,
	linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH v2] serial: 8250_pci1xxxx: fix off by one in
 pci1xxxx_process_read_data()

On Wed, Jan 10, 2024 at 02:46:05PM -0500, Hugo Villeneuve wrote:
> Hi,
> it is not simply a matter of adding "fix" to the title.
> 
> You must explain what and why vs. how.
> 
> Please see:
>   https://cbea.ms/git-commit/#why-not-how
> 
> for some guidelines on writing a good commit message.
> 

If you can't understand why a buffer overflow is bad then I honestly
don't know what to say...

When I was a newbie, I encountered a driver which was written in
terrible style.  And I thought why do people allow it???  This is
garbage and it's messing up the Linux kernel with its bad style.

But after I got older, I realized that he was the only person with that
hardware and the only person who cared about it.   If I started fighting
with him about style then he would leave.  He was a quirky guy with bad
taste but he was still making useful contributions so it was better to
tolerate him.

These days I'm the old quirky guy.  If you want to fight with me about
commit messages, that's fine.  I can easily just add you to my list of
subsystems which only receive bug reports instead of patches.  (I think
only BPF is on the list currently because it's annoying to track the
bpf vs bpf-next tree).

Feel free to re-write this patch however you want and give me
Reported-by credit.

regards,
dan carpenter


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ