| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <173652778610.3103415.15796406713093643015.b4-ty@kernel.org>
Date: Fri, 10 Jan 2025 08:49:47 -0800
From: Kees Cook <kees@...nel.org>
To: Nicolas Pitre <npitre@...libre.com>,
Dan Carpenter <dan.carpenter@...aro.org>
Cc: Kees Cook <kees@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>,
Jan Kara <jack@...e.cz>,
Eric Biederman <ebiederm@...ssion.com>,
linux-fsdevel@...r.kernel.org,
linux-mm@...ck.org,
linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] binfmt_flat: Fix integer overflow bug on 32 bit systems
On Wed, 04 Dec 2024 15:07:15 +0300, Dan Carpenter wrote:
> Most of these sizes and counts are capped at 256MB so the math doesn't
> result in an integer overflow. The "relocs" count needs to be checked
> as well. Otherwise on 32bit systems the calculation of "full_data"
> could be wrong.
>
> full_data = data_len + relocs * sizeof(unsigned long);
>
> [...]
Applied to for-next/topic/execve/core, thanks!
[1/1] binfmt_flat: Fix integer overflow bug on 32 bit systems
https://git.kernel.org/kees/c/55cf2f4b945f
Take care,
--
Kees Cook
Powered by blists - more mailing lists