| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id:
<168919562039.4783.10687758800247909993.git-patchwork-notify@kernel.org>
Date: Wed, 12 Jul 2023 21:00:20 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: jiri@...nulli.us, kuba@...nel.org, davem@...emloft.net,
edumazet@...gle.com, pabeni@...hat.com, idosch@...lanox.com,
netdev@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH net] devlink: uninitialized data in
nsim_dev_trap_fa_cookie_write()
Hello:
This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@...nel.org>:
On Tue, 11 Jul 2023 11:52:26 +0300 you wrote:
> The simple_write_to_buffer() function is designed to handle partial
> writes. It returns negatives on error, otherwise it returns the number
> of bytes that were able to be copied. This code doesn't check the
> return properly. We only know that the first byte is written, the rest
> of the buffer might be uninitialized.
>
> There is no need to use the simple_write_to_buffer() function.
> Partial writes are prohibited by the "if (*ppos != 0)" check at the
> start of the function. Just use memdup_user() and copy the whole
> buffer.
>
> [...]
Here is the summary with links:
- [net] devlink: uninitialized data in nsim_dev_trap_fa_cookie_write()
https://git.kernel.org/netdev/net/c/f72207a5c0db
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists