lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251028184254.1d902b50@kernel.org>
Date: Tue, 28 Oct 2025 18:42:54 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Ankan Biswas <spyjetfayed@...il.com>
Cc: ajit.khaparde@...adcom.com, sriharsha.basavapatna@...adcom.com,
 somnath.kotur@...adcom.com, andrew+netdev@...n.ch, davem@...emloft.net,
 edumazet@...gle.com, pabeni@...hat.com, netdev@...r.kernel.org,
 linux-kernel@...r.kernel.org, skhan@...uxfoundation.org, khalid@...nel.org,
 david.hunter.linux@...il.com, linux-kernel-mentees@...ts.linux.dev
Subject: Re: [PATCH v3] net: ethernet: emulex: benet: fix
 adapter->fw_on_flash truncation warning

On Fri, 24 Oct 2025 23:45:41 +0530 Ankan Biswas wrote:
> The benet driver copies both fw_ver (32 bytes) and fw_on_flash (32 bytes)
> into ethtool_drvinfo->fw_version (32 bytes), leading to a potential
> string truncation warning when built with W=1.
> 
> Store fw_on_flash in ethtool_drvinfo->erom_version instead, which some
> drivers use to report secondary firmware information.

You are changing user-visible behavior to silence a W=1 warning.
I can't stress enough how bad of an idea this is.
Please find a better fix.. or leave this code be.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ