| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87y0ql80nc.fsf@bootlin.com> Date: Thu, 11 Sep 2025 17:33:11 +0200 From: Miquel Raynal <miquel.raynal@...tlin.com> To: Pratyush Yadav <pratyush@...nel.org> Cc: Gabor Juhos <j4g8y7@...il.com>, Santhosh Kumar K <s-k6@...com>, Richard Weinberger <richard@....at>, Vignesh Raghavendra <vigneshr@...com>, linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org, stable@...r.kernel.org, Daniel Golle <daniel@...rotopia.org> Subject: Re: [PATCH v2] mtd: core: always verify OOB offset in mtd_check_oob_ops() On 11/09/2025 at 16:05:31 +02, Miquel Raynal <miquel.raynal@...tlin.com> wrote: >>> Sorry for the inconvenience. >>> >>>> Gabor, can you check what happens with mtdblock? >> >> My guess from a quick look at the code is that NOR devices have >> mtd->oobsize == 0 and mtd_read() sets ops->ooboffs and ops->ooblen to 0. >> So now that this check is not guarded by if (ops->ooblen), it gets >> triggered for NOR devices on the mtd_read() path and essentially turns >> into an if (0 >= 0), returning -EINVAL. >> >> Maybe a better check is if ((ops->ooboffs + ops->ooblen) > >> mtd_oobavail())? > > Interesting, might make sense to do it this way. > > Thanks Pratyush for the suggestion, it is worth the try. I actually have another patch series to remove and I don't have more time to dedicate to these issues at the moment, so I will force push and drop all the problematic patches. More testing is needed. Thanks, Miquèl
Powered by blists - more mailing lists