| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <63D4756D-31B7-4EA9-A92F-181A680206EF@toblux.com> Date: Thu, 3 Oct 2024 17:02:07 +0200 From: Thorsten Blum <thorsten.blum@...lux.com> To: Jan Hendrik Farr <kernel@...rr.cc> Cc: Kees Cook <kees@...nel.org>, kent.overstreet@...ux.dev, regressions@...ts.linux.dev, linux-bcachefs@...r.kernel.org, linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org, ardb@...nel.org, morbo@...gle.com Subject: Re: [REGRESSION][BISECTED] erroneous buffer overflow detected in bch2_xattr_validate On 3. Oct 2024, at 15:12, Jan Hendrik Farr <kernel@...rr.cc> wrote: > On 03 15:07:52, Thorsten Blum wrote: >> On 3. Oct 2024, at 13:33, Jan Hendrik Farr <kernel@...rr.cc> wrote: >>>> [...] >>> >>> This issue is now fixed on the llvm main branch: >>> https://github.com/llvm/llvm-project/commit/882457a2eedbe6d53161b2f78fcf769fc9a93e8a >> >> Thanks! >> >> Do you know if it also fixes the different sizes here: >> https://godbolt.org/z/vvK9PE1Yq > > Unfortunately this still prints 36. I just realized that the counted_by attribute itself causes the 4 bytes difference. When you remove the attribute, the sizes are equal again. >> I ran out of disk space when compiling llvm :0 >> >>> So presumably this will go into 19.1.2, not sure what this means for >>> distros that ship clang 18. Will they have to be notified to backport >>> this? >>> >>> Best Regards >>> Jan
Powered by blists - more mailing lists