lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 1 Aug 2018 13:23:06 +0000
From:   "Dreyfuss, Haim" <haim.dreyfuss@...el.com>
To:     Colin Ian King <colin.king@...onical.com>,
        "David S. Miller" <davem@...emloft.net>,
        Johannes Berg <johannes@...solutions.net>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] cfg80211: read wmm rules from regulatory database

> -----Original Message-----
> From: Colin Ian King [mailto:colin.king@...onical.com]
> Sent: Tuesday, July 31, 2018 2:28 PM
> To: Dreyfuss, Haim <haim.dreyfuss@...el.com>; David S. Miller
> <davem@...emloft.net>; Johannes Berg <johannes@...solutions.net>;
> netdev@...r.kernel.org; linux-wireless@...r.kernel.org
> Cc: linux-kernel@...r.kernel.org
> Subject: re: [PATCH] cfg80211: read wmm rules from regulatory database
> 
> Hi Haim,
> 
> I think there may be an issue with the commit:
> 
> From 230ebaa189af44d50dccb4a1846e39ca594e347b Mon Sep 17 00:00:00
> 2001
> From: Haim Dreyfuss <haim.dreyfuss@...el.com>
> Date: Wed, 28 Mar 2018 13:24:09 +0300
> Subject: [PATCH] cfg80211: read wmm rules from regulatory database
> 
> specifically in function: reg_copy_regd()
> 
> +       for (i = 0; i < src_regd->n_reg_rules; i++) {
>                 memcpy(&regd->reg_rules[i], &src_regd->reg_rules[i],
>                        sizeof(struct ieee80211_reg_rule));
> +               if (!src_regd->reg_rules[i].wmm_rule)
> +                       continue;
> 
> +               regd->reg_rules[i].wmm_rule = d_wmm +
> +                       (src_regd->reg_rules[i].wmm_rule - s_wmm) /
> +                       sizeof(struct ieee80211_wmm_rule);
> +       }
> 
> The pointer arithmetic (src_regd->reg_rules[i].wmm_rule - s_wmm) is
> performed in terms of the size of struct ieee80211_wmm_rule and not in
> bytes and I believe that the division by sizeof(struct
> ieee80211_wmm_rule) is not required.
> 
> This issue was detected by static analysis with Coverity Scan,
> CID#1467451 ("Extra sizeof expression"), 'suspicious_division'
> 
> I'm not 100% sure that is this a false positive or not, but I think it looks
> incorrect to me.

Yeah you're right, this is not false positive.
Johannes already fixed that and Luca will probably send it in the coming week.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ