lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5bdf63e7-9b57-44a8-8816-c4d0aafc51e1@acm.org>
Date: Tue, 23 Sep 2025 09:57:58 -0700
From: Bart Van Assche <bvanassche@....org>
To: Bean Huo <beanhuo@...pp.de>, avri.altman@....com,
 alim.akhtar@...sung.com, jejb@...ux.ibm.com, martin.petersen@...cle.com,
 can.guo@....qualcomm.com, ulf.hansson@...aro.org, beanhuo@...ron.com,
 jens.wiklander@...aro.org
Cc: linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 2/3] scsi: ufs: core: fix incorrect buffer duplication
 in ufshcd_read_string_desc()

On 9/23/25 8:39 AM, Bean Huo wrote:
> The function ufshcd_read_string_desc() was duplicating memory starting
> from the beginning of struct uc_string_id, which included the length
> and type fields. As a result, the allocated buffer contained unwanted
> metadata in addition to the string itself.
> 
> The correct behavior is to duplicate only the Unicode character array in
> the structure. Update the code so that only the actual string content is
> copied into the new buffer.

Please add a Fixes: tag. Otherwise this patch looks good to me.

Thanks,

Bart.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ