| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a6e236f3-60a4-48da-840f-c38d7ba02475@ancud.ru> Date: Fri, 29 Mar 2024 20:56:16 +0300 From: Nikita Kiryushin <kiryushin@...ud.ru> To: paulmck@...nel.org Cc: Frederic Weisbecker <frederic@...nel.org>, Neeraj Upadhyay <quic_neeraju@...cinc.com>, Joel Fernandes <joel@...lfernandes.org>, Josh Triplett <josh@...htriplett.org>, Boqun Feng <boqun.feng@...il.com>, Steven Rostedt <rostedt@...dmis.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Lai Jiangshan <jiangshanlai@...il.com>, Zqiang <qiang.zhang1211@...il.com>, rcu@...r.kernel.org, linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org Subject: Re: [PATCH] rcu: Fix buffer overlow in print_cpu_stall_info() Thank you for the feedback! > would you like to resend keeping the buffer-overflow fix but leaving > out the signed-to-unsigned conversion? > I will make a second version of the patch, without conversion as it is intentional. > However, the signed output is intentional. The idea is that if the > timekeeping code is confused enough to run the jiffies counter backwards, > we see a small negative number rather than a huge positive number. > For example, -132 is immediately obvious, while the 64-bit unsigned > equivalent of 18446744073709551484 might not be. I had suspicions that was the case, however, I did not find the pointers in the code or in the commit message, that it was intentional, so I assumed a mistake. Maybe, it would be a good idea for me to add a comment with intent clarification, to reduce possibility of the same confusion in the future, while I am at it? If so, should I do it in the same patch, or make a separate one?
Powered by blists - more mailing lists