| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZykQiY0jvxKqrCIb@google.com> Date: Mon, 4 Nov 2024 18:20:57 +0000 From: Aleksei Vetrov <vvvvvv@...gle.com> To: Jeff Johnson <quic_jjohnson@...cinc.com> Cc: Johannes Berg <johannes@...solutions.net>, Kees Cook <kees@...nel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Dmitry Antipov <dmantipov@...dex.ru>, linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org, stable@...r.kernel.org Subject: Re: [PATCH v2] wifi: nl80211: fix bounds checker error in nl80211_parse_sched_scan On Mon, Nov 04, 2024 at 09:12:09AM -0800, Jeff Johnson wrote: > Reviewed-by: Jeff Johnson <quic_jjohnson@...cinc.com> > > And it is exactly this kind of issue why I'm not accepting any __counted_by() > changes in ath.git without actually testing the code that is modified. However, I was really lucky that my setup used nl80211_parse_sched_scan during normal operations and triggered bound sanitizer. After the patch was developed, I accidently wiped my device and couldn't reproduce the bug again normally, so I had to use iw tool to trigger nl80211_parse_sched_scan manually to test it properly. I looked for some tests that cover this function and that I can run on the device, but couldn't find any. It would be nice if you know about such tests, so I can check if there are any other places where bound sanitizer may be triggered. I only know syzkaller tool that may be used to get more kernel coverage in general. Best regards, -- Aleksei Vetrov
Powered by blists - more mailing lists