lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <d8026b7f005a4d20562983e344d70d3d6f72d82a.camel@sipsolutions.net>
Date: Fri, 30 Jan 2026 14:25:05 +0100
From: Johannes Berg <johannes@...solutions.net>
To: Aleksandr Nesterenko <alexandernesterenko837@...il.com>, 
	jeff.johnson@....qualcomm.com, davem@...emloft.net, kuba@...nel.org
Cc: linux-wireless@...r.kernel.org, netdev@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] wifi: ath9k: add range check for epid in
 htc_issue_send()

On Fri, 2026-01-30 at 13:59 +0100, Aleksandr Nesterenko wrote:
> 
> While htc_connect_service() now validates the endpoint ID before storing
> it, htc_issue_send() can still receive invalid epid values from callers
> such as htc_send() and htc_send_epid().

I'm not convinced, what makes you think so?

Arguably, even the prior fix was somewhat confusing, because it used the
ENDPOINT_MAX value as an indicator that the response wasn't success,
could have checked that more explicitly.

(And why did you send the same thing three times in 6 minutes?!)

johannes

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ