lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 9 Feb 2024 16:28:33 +0200
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: Abhishek Pandit-Subedi <abhishekpandit@...omium.org>
Cc: Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
	linux-usb@...r.kernel.org, jthies@...gle.com, pmalani@...omium.org,
	Neil Armstrong <neil.armstrong@...aro.org>,
	Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
	Fabrice Gasnier <fabrice.gasnier@...s.st.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Hans de Goede <hdegoede@...hat.com>,
	Rajaram Regupathy <rajaram.regupathy@...el.com>,
	Saranya Gopal <saranya.gopal@...el.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 1/3] usb: typec: ucsi: Limit read size on v1.2

On Thu, Feb 08, 2024 at 10:02:38PM -0800, Abhishek Pandit-Subedi wrote:
> Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was
> increased from 16 to 256. In order to avoid overflowing reads for older
> systems, add a mechanism to use the read UCSI version to truncate read
> sizes on UCSI v1.2.

..

> +	if (ucsi->version <= UCSI_VERSION_1_2)
> +		buf_size = min_t(size_t, 16, buf_size);

Please, avoid using min_t(). Here the clamp() can be used.
Shouldn't magic number be defined?

-- 
With Best Regards,
Andy Shevchenko



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ