| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aDc2qGgYVzXMSUpz@stanley.mountain> Date: Wed, 28 May 2025 19:15:36 +0300 From: Dan Carpenter <dan.carpenter@...aro.org> To: Alison Schofield <alison.schofield@...el.com> Cc: Shiju Jose <shiju.jose@...wei.com>, Davidlohr Bueso <dave@...olabs.net>, Jonathan Cameron <jonathan.cameron@...wei.com>, Dave Jiang <dave.jiang@...el.com>, Vishal Verma <vishal.l.verma@...el.com>, Ira Weiny <ira.weiny@...el.com>, Dan Williams <dan.j.williams@...el.com>, Li Ming <ming.li@...omail.com>, Fan Ni <fan.ni@...sung.com>, linux-cxl@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: Re: [PATCH next] cxl: fix return value in cxlctl_validate_set_features() On Wed, May 28, 2025 at 08:22:35AM -0700, Alison Schofield wrote: > On Wed, May 28, 2025 at 11:11:41AM +0300, Dan Carpenter wrote: > > The cxlctl_validate_set_features() function is type bool. It's supposed > > to return true for valid requests and false for invalid. However, this > > error path returns ERR_PTR(-EINVAL) which is true when it was intended to > > return false. > > Shiju - Can you trace this one through and add the impact statement? > Wondering if this is going to fail gracefully, or badly, further > down this path? > Sorry, I would normally analyse this a bit more myself, but it's only in linux-next so I assumed no one was using it yet. It ends up being fine. cxlctl_set_feature() has a check for: if (rpc_in->op_size <= sizeof(feat_in->hdr)) at the start and sizeof(feat_in->hdr) is larger than sizeof(uuid_t). regards, dan carpenter
Powered by blists - more mailing lists