Message-ID: <20250509204334.GT3339421@horms.kernel.org>
Date: Fri, 9 May 2025 21:43:34 +0100
From: Simon Horman <horms@...nel.org>
To: Sagi Maimon <maimon.sagi@...il.com>
Cc: jonathan.lemon@...il.com, vadim.fedorenko@...ux.dev, richardcochran@...il.com,
	andrew+netdev@...n.ch, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	pabeni@...hat.com, linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH v2] ptp: ocp: Limit SMA/signal/freq counts in show/store functions

On Thu, May 08, 2025 at 10:19:01AM +0300, Sagi Maimon wrote:
> The sysfs show/store operations could access uninitialized elements in
> the freq_in[], signal_out[], and sma[] arrays, leading to NULL pointer
> dereferences. This patch introduces u8 fields (nr_freq_in, nr_signal_out,
> nr_sma) to track the actual number of initialized elements, capping the
> maximum at 4 for each array. The affected show/store functions are updated to
> respect these limits, preventing out-of-bounds access and ensuring safe
> array handling.
>
> Signed-off-by: Sagi Maimon <maimon.sagi@...il.com>
> ---
> Addressed comments from Simon Horman:
>  - https://www.spinics.net/lists/netdev/msg1089986.html
> Changes since v1:
>  - Increase label buffer size from 8 to 16 bytes to prevent potential buffer
>    overflow warnings from GCC 14.2.0 during string formatting.

Reviewed-by: Simon Horman <horms@...nel.org>
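
A userspace C model of the count-bounded access that the quoted commit message describes, added here as an example; it is not code from the patch or from the ptp ocp driver. The struct layout, the `freq%u` label format and the `-ENODEV`/`-ENOSPC` return values are assumptions; only the `freq_in`/`nr_freq_in` names, the cap of 4 and the 16-byte label buffer come from the message.

```c
#include <errno.h>
#include <stdio.h>

#define MAX_SLOTS 4                      /* cap stated in the commit message */

struct freq_in { unsigned int hz; };     /* constructed stand-in type */

struct board {
    struct freq_in *freq_in[MAX_SLOTS];  /* slots past nr_freq_in stay NULL */
    unsigned char nr_freq_in;            /* count of initialized slots (u8) */
};

/* Probe-time registration: never grows past the cap (error code assumed). */
int board_add_freq_in(struct board *b, struct freq_in *f)
{
    if (b->nr_freq_in >= MAX_SLOTS)
        return -ENOSPC;
    b->freq_in[b->nr_freq_in++] = f;
    return 0;
}

/* show-style handler: the index is checked against the count, not the
 * array size, so a NULL slot is never dereferenced (error code assumed). */
int freq_in_show(const struct board *b, unsigned int idx, char *buf, size_t len)
{
    char label[16];  /* "freq" + up to 10 digits + NUL = 15 bytes; 8 is too small */

    if (idx >= b->nr_freq_in)
        return -ENODEV;
    snprintf(label, sizeof(label), "freq%u", idx + 1);   /* constructed format */
    return snprintf(buf, len, "%s: %u\n", label, b->freq_in[idx]->hz);
}

/* Constructed case: a board that populates only 2 of the 4 slots. */
int show_on_two_slot_board(unsigned int idx)
{
    static struct freq_in f[2] = { { 10000000 }, { 1 } };
    struct board b = { { 0 }, 0 };
    char out[64];

    board_add_freq_in(&b, &f[0]);
    board_add_freq_in(&b, &f[1]);
    return freq_in_show(&b, idx, out, sizeof(out));
}

int main(void)
{
    printf("%d %d\n", show_on_two_slot_board(0), show_on_two_slot_board(2));
    return 0;
}
```

Checking `idx` against `MAX_SLOTS` instead of `nr_freq_in` would let index 2 or 3 through on this board and dereference a NULL slot, which is the failure the message describes.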