lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 26 Apr 2024 18:24:35 +0100
From: Daniel Thompson <daniel.thompson@...aro.org>
To: Jason Wessel <jason.wessel@...driver.com>, 
 Douglas Anderson <dianders@...omium.org>, 
 Daniel Thompson <daniel.thompson@...aro.org>
Cc: kgdb-bugreport@...ts.sourceforge.net, linux-kernel@...r.kernel.org, 
 Justin Stitt <justinstitt@...gle.com>, stable@...r.kernel.org
Subject: Re: [PATCH v3 0/7] kdb: Refactor and fix bugs in kdb_read()


On Wed, 24 Apr 2024 15:03:33 +0100, Daniel Thompson wrote:
> Inspired by a patch from [Justin][1] I took a closer look at kdb_read().
> 
> Despite Justin's patch being a (correct) one-line manipulation it was a
> tough patch to review because the surrounding code was hard to read and
> it looked like there were unfixed problems.
> 
> This series isn't enough to make kdb_read() beautiful but it does make
> it shorter, easier to reason about and fixes two buffer overflows and a
> screen redraw problem!
> 
> [...]

Applied, thanks!

[1/7] kdb: Fix buffer overflow during tab-complete
      commit: e9730744bf3af04cda23799029342aa3cddbc454
[2/7] kdb: Use format-strings rather than '\0' injection in kdb_read()
      commit: 09b35989421dfd5573f0b4683c7700a7483c71f9
[3/7] kdb: Fix console handling when editing and tab-completing commands
      commit: db2f9c7dc29114f531df4a425d0867d01e1f1e28
[4/7] kdb: Merge identical case statements in kdb_read()
      commit: 6244917f377bf64719551b58592a02a0336a7439
[5/7] kdb: Use format-specifiers rather than memset() for padding in kdb_read()
      commit: c9b51ddb66b1d96e4d364c088da0f1dfb004c574
[6/7] kdb: Replace double memcpy() with memmove() in kdb_read()
      commit: 80bd73c154e3063c4f9293163daf3262335f9f86
[7/7] kdb: Simplify management of tmpbuffer in kdb_read()
      commit: 64d504cfcd514743aaed3a5b79c060f0143149e9

Best regards,
-- 
Daniel Thompson <daniel.thompson@...aro.org>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ