lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Wed, 19 Apr 2023 21:42:39 +0200
From:   Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>
To:     Anup Sharma <anupnewsmail@...il.com>, davem@...emloft.net,
        edumazet@...gle.com, pabeni@...hat.com, linma@....edu.cn,
        dvyukov@...gle.com, Jakub Kicinski <kuba@...nel.org>
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: nfc: nci: fix for UBSAN: shift-out-of-bounds in
 nci_activate_target

On 19/04/2023 21:21, Anup Sharma wrote:

> 
>>>> +		pr_err("Too many supported protocol by the device\n");
>>>> +		return -EINVAL;
>>>
>>> I am pretty sure that you broke now NFC. Test the patches first and
>>> share your test scenario.
> 
> Since a reproducer for this bug is not available, I am unable to test it locally
> or through syzbot before submitting the patch. 

Reproducer is only to test the actual issue, not test the code. Code can
be tested with real device and maybe with virtual NCI driver.

> Are there any other tests that
> I can perform before submitting the patch, apart from simply compiling the kernel?

Compiling a kernel is not tested. Maybe you can test this part
successfully with virtual NCI driver, maybe not, I don't know.

> 
>>
>> BTW, ISO15693 is here protocol 128, so definitely more than 32.
> 
> Thank you for your feedback. I would like to address the UBSAN bug and I have
> thought of a potential solution which involves adding a check statement for the
> minimum and maximum values of the protocol before net/nfc/nci/core.c +912:
> 
> if (!(nci_target->supported_protocols & (1 << protocol)))
> 
> Could you please assist me in determining the correct approach?

I would first propose to check whether the UBSAN report is an actual
real issue to fix.


Best regards,
Krzysztof

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ