lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5746919.DvuYhMxLoT@terabithia>
Date: Tue, 23 Jan 2024 21:35:04 -0600
From: Elizabeth Figura <zfigura@...eweavers.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org,
 linux-api@...r.kernel.org, wine-devel@...ehq.org,
 André Almeida <andrealmeid@...lia.com>,
 Wolfram Sang <wsa@...nel.org>, Arkadiusz Hiler <ahiler@...eweavers.com>,
 Peter Zijlstra <peterz@...radead.org>
Subject:
 Re: [RFC PATCH 3/9] ntsync: Introduce NTSYNC_IOC_CREATE_SEM and
 NTSYNC_IOC_DELETE.

On Tuesday, 23 January 2024 19:14:17 CST Greg Kroah-Hartman wrote:
> On Tue, Jan 23, 2024 at 06:40:22PM -0600, Elizabeth Figura wrote:
> > +static int ntsync_create_sem(struct ntsync_device *dev, void __user
> > *argp)
> > +{
> > +	struct ntsync_sem_args __user *user_args = argp;
> > +	struct ntsync_sem_args args;
> > +	struct ntsync_obj *sem;
> > +	__u32 id;
> > +	int ret;
> > +
> > +	if (copy_from_user(&args, argp, sizeof(args)))
> > +		return -EFAULT;
> > +
> > +	if (args.count > args.max)
> > +		return -EINVAL;
> 
> No bounds checking on count or max?
> 
> What's the relationship between count and max?  

Indeed, no bounds checking. The counter is just the semaphore's internal value 
and has no meaning other than that.

It's basically like an EFD_SEMAPHORE, except that the maximum is configurable 
rather than always being 2**64-2.

> Some sort of real
> documentation is needed here, the changelog needs to explain this.  Or
> somewhere, but as-is, this patch series is pretty unreviewable as I
> can't figure out how to review it because I don't know what it wants to
> do.

There is some comprehensive documentation in the series, but for ease of 
review I will try to write a basic description of the API in each relevant 
patch in v2.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ