lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <fb65fc45-b1f1-47ef-b700-e90c6ef84957@ghiti.fr>
Date: Fri, 11 Apr 2025 13:21:35 +0200
From: Alexandre Ghiti <alex@...ti.fr>
To: Samuel Holland <samuel.holland@...ive.com>,
 Palmer Dabbelt <palmer@...belt.com>, linux-riscv@...ts.infradead.org
Cc: Andrew Jones <ajones@...tanamicro.com>,
 Pinkesh Vaghela <pinkesh.vaghela@...fochips.com>,
 Pritesh Patel <pritesh.patel@...fochips.com>,
 Darshan Prajapati <darshan.prajapati@...fochips.com>,
 Albert Ou <aou@...s.berkeley.edu>, Amma Lee <lixiaoyun@...ary-semi.com>,
 Charlie Jenkins <charlie@...osinc.com>, Clément Léger
 <cleger@...osinc.com>, Jinjie Ruan <ruanjinjie@...wei.com>,
 Luis Chamberlain <mcgrof@...nel.org>, Maxim Kochetkov <fido_max@...ox.ru>,
 "Mike Rapoport (IBM)" <rppt@...nel.org>,
 Paul Walmsley <paul.walmsley@...ive.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/3] riscv: module: Fix out-of-bounds relocation access

Hi Samuel,

On 09/04/2025 19:14, Samuel Holland wrote:
> The current code allows rel[j] to access one element past the end of the
> relocation section. Simplify to num_relocations which is equivalent to
> the existing size expression.
>
> Fixes: 080c4324fa5e ("riscv: optimize ELF relocation function in riscv")
> Signed-off-by: Samuel Holland <samuel.holland@...ive.com>
> ---
>
> Changes in v2:
>   - New patch for v2
>
>   arch/riscv/kernel/module.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/riscv/kernel/module.c b/arch/riscv/kernel/module.c
> index 47d0ebeec93c..060f576cc988 100644
> --- a/arch/riscv/kernel/module.c
> +++ b/arch/riscv/kernel/module.c
> @@ -859,7 +859,7 @@ int apply_relocate_add(Elf_Shdr *sechdrs, const char *strtab,
>   				}
>   
>   				j++;
> -				if (j > sechdrs[relsec].sh_size / sizeof(*rel))
> +				if (j == num_relocations)
>   					j = 0;
>   
>   			} while (j_idx != j);


Reviewed-by: Alexandre Ghiti <alexghiti@...osinc.com>

Thanks,

Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ