| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <60686dc1-5b8b-47c8-b7b6-2348f2ce58c7@linux.dev> Date: Thu, 8 May 2025 12:28:38 +0100 From: Vadim Fedorenko <vadim.fedorenko@...ux.dev> To: Sagi Maimon <maimon.sagi@...il.com>, jonathan.lemon@...il.com, richardcochran@...il.com, andrew+netdev@...n.ch, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH v2] ptp: ocp: Limit SMA/signal/freq counts in show/store functions On 08/05/2025 08:19, Sagi Maimon wrote: > The sysfs show/store operations could access uninitialized elements in > the freq_in[], signal_out[], and sma[] arrays, leading to NULL pointer > dereferences. This patch introduces u8 fields (nr_freq_in, nr_signal_out, > nr_sma) to track the actual number of initialized elements, capping the > maximum at 4 for each array. The affected show/store functions are updated to > respect these limits, preventing out-of-bounds access and ensuring safe > array handling. > > Signed-off-by: Sagi Maimon <maimon.sagi@...il.com> > --- > Addressed comments from Simon Horman: > - https://www.spinics.net/lists/netdev/msg1089986.html > Changes since v1: > - Increase label buffer size from 8 to 16 bytes to prevent potential buffer > overflow warnings from GCC 14.2.0 during string formatting. > --- Reviewed-by: Vadim Fedorenko <vadim.fedorenko@...ux.dev>
Powered by blists - more mailing lists