lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZykQiY0jvxKqrCIb@google.com>
Date: Mon, 4 Nov 2024 18:20:57 +0000
From: Aleksei Vetrov <vvvvvv@...gle.com>
To: Jeff Johnson <quic_jjohnson@...cinc.com>
Cc: Johannes Berg <johannes@...solutions.net>, Kees Cook <kees@...nel.org>,
	"Gustavo A. R. Silva" <gustavoars@...nel.org>,
	Dmitry Antipov <dmantipov@...dex.ru>,
	linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-hardening@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v2] wifi: nl80211: fix bounds checker error in
 nl80211_parse_sched_scan

On Mon, Nov 04, 2024 at 09:12:09AM -0800, Jeff Johnson wrote:
> Reviewed-by: Jeff Johnson <quic_jjohnson@...cinc.com>
> 
> And it is exactly this kind of issue why I'm not accepting any __counted_by()
> changes in ath.git without actually testing the code that is modified.

However, I was really lucky that my setup used nl80211_parse_sched_scan
during normal operations and triggered bound sanitizer. After the patch
was developed, I accidently wiped my device and couldn't reproduce the
bug again normally, so I had to use iw tool to trigger
nl80211_parse_sched_scan manually to test it properly.

I looked for some tests that cover this function and that I can run on
the device, but couldn't find any. It would be nice if you know about
such tests, so I can check if there are any other places where bound
sanitizer may be triggered. I only know syzkaller tool that may be used
to get more kernel coverage in general.

Best regards,
--
Aleksei Vetrov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ