| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240403131518.61392-1-warthog618@gmail.com> Date: Wed, 3 Apr 2024 21:15:16 +0800 From: Kent Gibson <warthog618@...il.com> To: linux-kernel@...r.kernel.org, linux-gpio@...r.kernel.org, brgl@...ev.pl, linus.walleij@...aro.org Cc: Kent Gibson <warthog618@...il.com> Subject: [PATCH 0/2] gpio: cdev: label sanitization fixes This series fixes a couple of bugs in the sanitization of labels being passed to irq. Patch 1 fixes a missed path in the sanitization changes that can result in memory corruption. Patch 2 fixes the case where userspace provides empty labels. I've placed my Patch 1 before Bart's Patch 2 as it has to relocate make_irq_label() and free_irq_label(), while Bart's patch modifies them. This order keeps the patch sizes minimal and the attribution where it belongs. Patch 2 has been very lightly modified to rebase it onto Patch 1, including extending it to cover the modified error return for the debounce_setup() case. Cheers, Kent. Bartosz Golaszewski (1): gpio: cdev: check for NULL labels when sanitizing them for irqs Kent Gibson (1): gpio: cdev: fix missed label sanitizing in debounce_setup() drivers/gpio/gpiolib-cdev.c | 48 ++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 16 deletions(-) base-commit: 782f4e47ffc19622bf80b3c0cf9cadd2b0b9a644 -- 2.39.2
Powered by blists - more mailing lists