| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <2ebe5a36-ce81-4d26-a12b-7affbd65c5e3@app.fastmail.com>
Date: Thu, 15 Feb 2024 09:03:02 +0100
From: "Arnd Bergmann" <arnd@...db.de>
To: "Zhu Yanjun" <yanjun.zhu@...ux.dev>, "Arnd Bergmann" <arnd@...nel.org>,
"Saeed Mahameed" <saeedm@...dia.com>, "Leon Romanovsky" <leon@...nel.org>
Cc: "David S . Miller" <davem@...emloft.net>,
"Eric Dumazet" <edumazet@...gle.com>, "Jakub Kicinski" <kuba@...nel.org>,
"Paolo Abeni" <pabeni@...hat.com>, "Yevgeny Kliteynik" <kliteyn@...dia.com>,
"Alex Vesker" <valex@...dia.com>, "Hamdan Igbaria" <hamdani@...dia.com>,
Netdev <netdev@...r.kernel.org>, linux-rdma@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net/mlx5: fix possible stack overflows
On Thu, Feb 15, 2024, at 01:18, Zhu Yanjun wrote:
> 在 2024/2/13 18:08, Arnd Bergmann 写道:
>> static int
>> -dr_dump_rule_rx_tx(struct seq_file *file, struct mlx5dr_rule_rx_tx *rule_rx_tx,
>> +dr_dump_rule_rx_tx(struct seq_file *file, char *buff,
>> + struct mlx5dr_rule_rx_tx *rule_rx_tx,
>> bool is_rx, const u64 rule_id, u8 format_ver)
>> {
>> struct mlx5dr_ste *ste_arr[DR_RULE_MAX_STES + DR_ACTION_MAX_STES];
>> @@ -533,7 +532,7 @@ dr_dump_rule_rx_tx(struct seq_file *file, struct mlx5dr_rule_rx_tx *rule_rx_tx,
>> return 0;
>>
>> while (i--) {
>> - ret = dr_dump_rule_mem(file, ste_arr[i], is_rx, rule_id,
>
> Before buff is reused, I am not sure whether buff should be firstly
> zeroed or not.
I don't see why it would, but if you want to zero it, that would be
a separate patch that is already needed on the existing code,
which never zeroes its buffers.
Arnd
Powered by blists - more mailing lists