| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAK+ZN9pBSY1bCbMQMoOj0qNQKvEwO_j=zxLnDcA_4O9AyL+uHA@mail.gmail.com> Date: Wed, 28 Jan 2026 10:29:31 +0800 From: Xingjing Deng <micro6947@...il.com> To: Greg KH <gregkh@...uxfoundation.org> Cc: Bjorn Andersson <andersson@...nel.org>, srini@...nel.org, amahesh@....qualcomm.com, arnd@...db.de, dri-devel@...ts.freedesktop.org, linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org, Xingjing Deng <xjdeng@...a.edu.cn>, stable@...r.kernel.org Subject: Re: [PATCH v5] misc: fastrpc: check qcom_scm_assign_mem() return in rpmsg_probe I understand the current situation. I need to record which static analysis tool I used to identify this issue and clarify that no actual testing was performed. However, I have a question: my static analysis tool is not open-source, so how should I document this? Greg KH <gregkh@...uxfoundation.org> 于2026年1月27日周二 15:10写道: > > On Tue, Jan 27, 2026 at 10:18:38AM +0800, Xingjing Deng wrote: > > I identified this issue through static program analysis. All other > > callers of this function validate its return value, so I believe a > > validation check should also be added here. > > Please don't top-post :( > > Anyway, you MUST properly document the tools used to find issues like > this in your changelog text, as our rules require. Please do so. > > thanks, > > greg k-h
Powered by blists - more mailing lists