| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aDd4RA5vHz1RjFuk@agluck-desk3>
Date: Wed, 28 May 2025 13:55:32 -0700
From: "Luck, Tony" <tony.luck@...el.com>
To: Zaid Alali <zaidal@...amperecomputing.com>
Cc: rafael@...nel.org, lenb@...nel.org, james.morse@....com, bp@...en8.de,
robert.moore@...el.com, Jonathan.Cameron@...wei.com,
ira.weiny@...el.com, Benjamin.Cheatham@....com,
dan.j.williams@...el.com, arnd@...db.de, Avadhut.Naik@....com,
u.kleine-koenig@...gutronix.de, john.allen@....com,
linux-acpi@...r.kernel.org, linux-kernel@...r.kernel.org,
acpica-devel@...ts.linux.dev
Subject: Re: [PATCH v7 5/9] ACPI: APEI: EINJ: Enable the discovery of EINJv2
capabilities
On Tue, May 06, 2025 at 02:38:09PM -0700, Zaid Alali wrote:
> -static int error_type_set(void *data, u64 val)
> +static ssize_t error_type_set(struct file *file, const char __user *buf,
> + size_t count, loff_t *ppos)
> {
> int rc;
> + u64 val;
> +
Add
if (count > sizeof(einj_buf) - 1)
return -EINVAL;
to make sure copy_from_user() can't corrupt memory after
the einj_buf[].
> + memset(einj_buf, 0, sizeof(einj_buf));
> + if (copy_from_user(einj_buf, buf, count))
> + return -EFAULT;
> +
> + if (strncmp(einj_buf, "V2_", 3) == 0) {
> + if (!sscanf(einj_buf, "V2_%llx", &val))
> + return -EINVAL;
> + } else {
> + if (!sscanf(einj_buf, "%llx", &val))
> + return -EINVAL;
> + }
-Tony
Powered by blists - more mailing lists