lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240108092733.5bc8d980@hermes.local>
Date: Mon, 8 Jan 2024 09:27:33 -0800
From: Stephen Hemminger <stephen@...workplumber.org>
To: Maks Mishin <maks.mishinfz@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH] maketable: Add check for ZERO for variable sigma2

On Sun,  7 Jan 2024 00:14:22 +0300
Maks Mishin <maks.mishinfz@...il.com> wrote:

> If variable `limit` == 1, then `n` == 1 and then second for-loop will
> not do because of variable `sigma2` maybe ZERO.
> Added check for ZERO for `sigma2` before it is used as denominator.
> 
> Signed-off-by: Maks Mishin <maks.mishinFZ@...il.com>
> ---
>  netem/maketable.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/netem/maketable.c b/netem/maketable.c
> index ad8620a4..56b1d0bb 100644
> --- a/netem/maketable.c
> +++ b/netem/maketable.c
> @@ -68,6 +68,10 @@ arraystats(double *x, int limit, double *mu, double *sigma, double *rho)
>  		sigma2 += ((double)x[i-1] - *mu)*((double)x[i-1] - *mu);
>  
>  	}
> +	if (sigma2 == 0) {
> +		perror("Division by zero in top/sigma2");
> +		exit(3);
> +	}
>  	*rho = top/sigma2;
>  }
>  

This looks like a purely theoretical not practical problem.
Just tried the tool with input files likely to create the problem (no data, one sample, etc)
and could not reproduce any problem.

What input could make this happen?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ