Roel Kluin writes:
According to http://cwe.mitre.org/data/slices/2000.html#14, due to
optimization a call to memset() can be removed as a dead store when the buffer is not used
after its value is overwritten. Does this optimization also occur during
compilation of the Linux kernel? Then
On Thu, Feb 25, 2010 at 5:56 PM, Mikael Pettersson mi...@it.uu.se wrote:
I fear that the only portable (across compiler versions) and safe
solution is to invoke an assembly-coded dummy function with prototype
void use(void *p);
and rewrite the code above as
{
Pekka Enberg writes:
On Thu, Feb 25, 2010 at 5:56 PM, Mikael Pettersson mi...@it.uu.se wrote:
I fear that the only portable (across compiler versions) and safe
solution is to invoke an assembly-coded dummy function with prototype
void use(void *p);
and rewrite the code
On Thu, Feb 25, 2010 at 10:56 AM, Mikael Pettersson mi...@it.uu.se wrote:
Roel Kluin writes:
Due to optimization, a call to memset() may be removed as a dead store when
the buffer is not used after its value is overwritten.
Signed-off-by: Roel Kluin roel.kl...@gmail.com
---
see
Mikael Pettersson wrote:
It's only vulnerable if the data leaks to a less trusted domain.
There is no domain crossing in your user-space example.
In the kernel case, the domain crossing would be as I wrote: leaking
recycled and uninitialized memory to user-space (and those leaks of
Also from that document:
If you know how large the accessed memory is, you can add it as input or
output but if this is not known, you should add memory. As an example, if
you access ten bytes of a string, you can use a memory input like:
{m( ({ struct { char x[10]; } *p = (void
On Thu, 25 Feb 2010, Mikael Pettersson wrote:
In the sha1_update() case I don't know whether the stack is recycled and
leaked - it may be dependent on the calling function, but isn't it
vulnerable?
It's only vulnerable if the data leaks to a less trusted domain.
If it is anything you
Hi Linus:
Here is the crypto update for 2.6.34:
* New pcrypt module to spread crypto work across CPUs.
* Added RFC4543 GCM support.
* Added nomadik RNG driver.
* MD5 export/import support.
* Random fixes.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git