lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <48043100-a817-4ca2-a141-60e3ab9cbfef@acm.org>
Date: Mon, 15 Apr 2024 10:26:26 -0700
From: Bart Van Assche <bvanassche@....org>
To: Sam Sun <samsun1006219@...il.com>, linux-kernel@...r.kernel.org,
 martin.petersen@...cle.com
Cc: linux-scsi@...r.kernel.org, xrivendell7@...il.com,
 syzkaller-bugs@...glegroups.com
Subject: Re: [PATCH] drivers: scsi: fix shift-out-of-bounds in
 sg_build_indirect

On 4/14/24 20:14, Sam Sun wrote:
> -    num = scatter_elem_sz;
> +    num = max(scatter_elem_sz, PAGE_SIZE);

Shouldn't the following statements be modified instead of the above
statement? I think these are the only statements that can cause
scatter_elem_sz to become smaller than PAGE_SIZE:

	scatter_elem_sz = ret_sz;
	scatter_elem_sz_prev = ret_sz;

Thanks,

Bart.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ