subject:"Re\: \[PATCH\] crypto\: zip \- Memory corruption in zip_clear

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

2017-03-24 Thread Herbert Xu

On Fri, Mar 17, 2017 at 11:46:21PM +0300, Dan Carpenter wrote:
> There is a typo here.  It should be "stats" instead of "state".  The
> impact is that we clear 224 bytes instead of 80 and we zero out memory
> that we shouldn't.
> 
> Fixes: 09ae5d37e093 ("crypto: zip - Add Compression/Decompression statistics")
> Signed-off-by: Dan Carpenter 

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

2017-03-20 Thread Mahipal Reddy

On Sat, Mar 18, 2017 at 4:29 PM, Dan Carpenter  wrote:
> On Sat, Mar 18, 2017 at 11:24:34AM +0100, walter harms wrote:
>>
>>
>> Am 17.03.2017 21:46, schrieb Dan Carpenter:
>> > There is a typo here.  It should be "stats" instead of "state".  The
>> > impact is that we clear 224 bytes instead of 80 and we zero out memory
>> > that we shouldn't.

Thank you Dan for identifying the issue. Yes there is a typo and it needs a fix.


>> > Fixes: 09ae5d37e093 ("crypto: zip - Add Compression/Decompression 
>> > statistics")
>> > Signed-off-by: Dan Carpenter 
>> >
>> > diff --git a/drivers/crypto/cavium/zip/zip_main.c 
>> > b/drivers/crypto/cavium/zip/zip_main.c
>> > index 0951e20b395b..6ff13d80d82e 100644
>> > --- a/drivers/crypto/cavium/zip/zip_main.c
>> > +++ b/drivers/crypto/cavium/zip/zip_main.c
>> > @@ -530,7 +530,7 @@ static int zip_clear_stats(struct seq_file *s, void 
>> > *unused)
>> > for (index = 0; index < MAX_ZIP_DEVICES; index++) {
>> > if (zip_dev[index]) {
>> > memset(_dev[index]->stats, 0,
>> > -  sizeof(struct zip_state));
>> > +  sizeof(struct zip_stats));

Yes this resolves the issue.
Thanks for this fix.
Mahipal

>>
>> as future FIXME some show find a name that differ in more than just the last 
>> char.
>> NTL maybe
>>  sizeof(zip_dev[index]->stats)
>> can be used here ?
>
> That's sort of unweildy.  I don't fear that change because I'm confident
> I would catch it with static analysis.
>
> regards,
> dan carpenter
>

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

2017-03-18 Thread Dan Carpenter

On Sat, Mar 18, 2017 at 11:24:34AM +0100, walter harms wrote:
> 
> 
> Am 17.03.2017 21:46, schrieb Dan Carpenter:
> > There is a typo here.  It should be "stats" instead of "state".  The
> > impact is that we clear 224 bytes instead of 80 and we zero out memory
> > that we shouldn't.
> > 
> > Fixes: 09ae5d37e093 ("crypto: zip - Add Compression/Decompression 
> > statistics")
> > Signed-off-by: Dan Carpenter 
> > 
> > diff --git a/drivers/crypto/cavium/zip/zip_main.c 
> > b/drivers/crypto/cavium/zip/zip_main.c
> > index 0951e20b395b..6ff13d80d82e 100644
> > --- a/drivers/crypto/cavium/zip/zip_main.c
> > +++ b/drivers/crypto/cavium/zip/zip_main.c
> > @@ -530,7 +530,7 @@ static int zip_clear_stats(struct seq_file *s, void 
> > *unused)
> > for (index = 0; index < MAX_ZIP_DEVICES; index++) {
> > if (zip_dev[index]) {
> > memset(_dev[index]->stats, 0,
> > -  sizeof(struct zip_state));
> > +  sizeof(struct zip_stats));
> 
> 
> as future FIXME some show find a name that differ in more than just the last 
> char.
> NTL maybe
>  sizeof(zip_dev[index]->stats)
> can be used here ?

That's sort of unweildy.  I don't fear that change because I'm confident
I would catch it with static analysis.

regards,
dan carpenter

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

2017-03-18 Thread walter harms



Am 17.03.2017 21:46, schrieb Dan Carpenter:
> There is a typo here.  It should be "stats" instead of "state".  The
> impact is that we clear 224 bytes instead of 80 and we zero out memory
> that we shouldn't.
> 
> Fixes: 09ae5d37e093 ("crypto: zip - Add Compression/Decompression statistics")
> Signed-off-by: Dan Carpenter 
> 
> diff --git a/drivers/crypto/cavium/zip/zip_main.c 
> b/drivers/crypto/cavium/zip/zip_main.c
> index 0951e20b395b..6ff13d80d82e 100644
> --- a/drivers/crypto/cavium/zip/zip_main.c
> +++ b/drivers/crypto/cavium/zip/zip_main.c
> @@ -530,7 +530,7 @@ static int zip_clear_stats(struct seq_file *s, void 
> *unused)
>   for (index = 0; index < MAX_ZIP_DEVICES; index++) {
>   if (zip_dev[index]) {
>   memset(_dev[index]->stats, 0,
> -sizeof(struct zip_state));
> +sizeof(struct zip_stats));


as future FIXME some show find a name that differ in more than just the last 
char.
NTL maybe
 sizeof(zip_dev[index]->stats)
can be used here ?

re,
 wh

>   seq_printf(s, "Cleared stats for zip %d\n", index);
>   }
>   }
> --
> To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
> the body of a message to majord...@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

Re: [PATCH] crypto: zip - Memory corruption in zip_clear_stats()

4 matches

Site Navigation

Mail list logo

Footer information