lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <2ebe5a36-ce81-4d26-a12b-7affbd65c5e3@app.fastmail.com>
Date: Thu, 15 Feb 2024 09:03:02 +0100
From: "Arnd Bergmann" <arnd@...db.de>
To: "Zhu Yanjun" <yanjun.zhu@...ux.dev>, "Arnd Bergmann" <arnd@...nel.org>,
 "Saeed Mahameed" <saeedm@...dia.com>, "Leon Romanovsky" <leon@...nel.org>
Cc: "David S . Miller" <davem@...emloft.net>,
 "Eric Dumazet" <edumazet@...gle.com>, "Jakub Kicinski" <kuba@...nel.org>,
 "Paolo Abeni" <pabeni@...hat.com>, "Yevgeny Kliteynik" <kliteyn@...dia.com>,
 "Alex Vesker" <valex@...dia.com>, "Hamdan Igbaria" <hamdani@...dia.com>,
 Netdev <netdev@...r.kernel.org>, linux-rdma@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net/mlx5: fix possible stack overflows

On Thu, Feb 15, 2024, at 01:18, Zhu Yanjun wrote:
> 在 2024/2/13 18:08, Arnd Bergmann 写道:

>>   static int
>> -dr_dump_rule_rx_tx(struct seq_file *file, struct mlx5dr_rule_rx_tx *rule_rx_tx,
>> +dr_dump_rule_rx_tx(struct seq_file *file, char *buff,
>> +		   struct mlx5dr_rule_rx_tx *rule_rx_tx,
>>   		   bool is_rx, const u64 rule_id, u8 format_ver)
>>   {
>>   	struct mlx5dr_ste *ste_arr[DR_RULE_MAX_STES + DR_ACTION_MAX_STES];
>> @@ -533,7 +532,7 @@ dr_dump_rule_rx_tx(struct seq_file *file, struct mlx5dr_rule_rx_tx *rule_rx_tx,
>>   		return 0;
>>   
>>   	while (i--) {
>> -		ret = dr_dump_rule_mem(file, ste_arr[i], is_rx, rule_id,
>
> Before buff is reused, I am not sure whether buff should be firstly 
> zeroed or not.

I don't see why it would, but if you want to zero it, that would be
a separate patch that is already needed on the existing code,
which never zeroes its buffers.

    Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ