lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 Mar 2024 20:56:16 +0300
From: Nikita Kiryushin <kiryushin@...ud.ru>
To: paulmck@...nel.org
Cc: Frederic Weisbecker <frederic@...nel.org>,
 Neeraj Upadhyay <quic_neeraju@...cinc.com>,
 Joel Fernandes <joel@...lfernandes.org>,
 Josh Triplett <josh@...htriplett.org>, Boqun Feng <boqun.feng@...il.com>,
 Steven Rostedt <rostedt@...dmis.org>,
 Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
 Lai Jiangshan <jiangshanlai@...il.com>, Zqiang <qiang.zhang1211@...il.com>,
 rcu@...r.kernel.org, linux-kernel@...r.kernel.org,
 lvc-project@...uxtesting.org
Subject: Re: [PATCH] rcu: Fix buffer overlow in print_cpu_stall_info()


Thank you for the feedback!
> would you like to resend keeping the buffer-overflow fix but leaving
> out the signed-to-unsigned conversion?
>
I will make a second version of the patch, without
conversion as it is intentional.
> However, the signed output is intentional.  The idea is that if the
> timekeeping code is confused enough to run the jiffies counter backwards,
> we see a small negative number rather than a huge positive number.
> For example, -132 is immediately obvious, while the 64-bit unsigned
> equivalent of 18446744073709551484 might not be.
I had suspicions that was the case, however, I did not find the pointers
in the code or in the commit message, that it was intentional, so I assumed
a mistake.
Maybe, it would be a good idea for me to add a comment with intent
clarification, to reduce possibility of the same confusion in the future,
while I am at it? If so, should I do it in the same patch, or make a separate one?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ