| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Apr 2024 14:00:57 -0700 From: Kees Cook <keescook@...omium.org> To: Jeff Johnson <quic_jjohnson@...cinc.com> Cc: Johannes Berg <johannes@...solutions.net>, Nathan Chancellor <nathan@...nel.org>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, linux-wireless@...r.kernel.org, netdev@...r.kernel.org, "Gustavo A. R. Silva" <gustavoars@...nel.org>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH] wifi: nl80211: Avoid address calculations via out of bounds array indexing On Tue, Apr 30, 2024 at 12:59:57PM -0700, Jeff Johnson wrote: > On 4/30/2024 3:01 AM, Johannes Berg wrote: > > This really doesn't even seem right, shouldn't do pointer arithmetic on > > void pointers. > > FWIW I argued this in the past in another context and Linus gave his opinion: > > https://lore.kernel.org/all/CAHk-=whFKYMrF6euVvziW+drw7-yi1pYdf=uccnzJ8k09DoTXA@mail.gmail.com/ I was going to make the same argument. :) For this case, (void *) is superior because we need to perform byte-granular arithmetic and we need to use the implicit cast to the assigned variable's type. The reason not to use the channels[] array is because we're not addressing anything in the array -- we're addressing past it. Better to use the correct allocation base. -Kees -- Kees Cook
Powered by blists - more mailing lists