Received: by 10.213.65.68 with SMTP id h4csp73764imn; Fri, 16 Mar 2018 18:30:49 -0700 (PDT) X-Google-Smtp-Source: AG47ELu9kGJnCwpH0+bFP6Qkynd6qcHbTvERBszflMhKscHik/RiC1XNvlokjjJgQNpKgCimryVo X-Received: by 10.99.107.6 with SMTP id g6mr3141318pgc.109.1521250249616; Fri, 16 Mar 2018 18:30:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521250249; cv=none; d=google.com; s=arc-20160816; b=ku8bonWhRDlzQ/jPSUzei0CqHKRePkgJPnVhur+hgAq+6V/MPdl8myzng68O2yDn7u idGXBSoKX7HoCOvN0H7Bsuo2dyNEMBVao6VUi7LTogfCtBun/e2WOulWlXgjQbqfEtEt RdcYiNEItBwmc/bn73A1TgmtslnoMGTOaSxCxxEQJ/HZNI5UfP1xtrnY9O7WyVE4oJro 5YCpyCXaZSeQHU02EUlrSlYL59FcXzmqBAbu4locLQMQlCg1dLBTr6WucFT2Z9g2TWnQ D3xEChHeoVuhEZ5mPnOOtxcO2/cX3dvvWrgzr/jU7gzqCvnyt3odBWYFJLLdt2tra46Q Z1ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=ykQWdLraR3tqdcRVFuayJt1tfuSvHsHNiTowCfvl/j8=; b=gdclXDLV2Q+7iG2BOnbbB8l2oe07NBoajBZYxwy30ywJll5qxxVGZd06VJwtBbTcxF PScFa+c91j/m7hMP6eOSCjpmbFI7KBModkZHvdEp6bbnOGNtNXqXSIXu26NIo8cByCw6 r60p518c47Ojxp0s86S9tnHTDsF8nMvRUU4stISTNuPYECDZ8rjn+jPjB4LfesYrFGSP p4mdUnhUd934nWkrFu/aW9BwGWh+72gEgRlvI1Fev7nUch3WegqDIfjAnOEslHMGjJ48 dueCRB9UXo8vwobqEN4C+gaGUkZ1hPjKSH7QtGqwfexTjNKCF7puJgMNHA4Pz42t2IKQ AUHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=venkDRE1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x3-v6si7143031plb.738.2018.03.16.18.30.33; Fri, 16 Mar 2018 18:30:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=venkDRE1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752798AbeCQB3l (ORCPT + 99 others); Fri, 16 Mar 2018 21:29:41 -0400 Received: from mail-pg0-f47.google.com ([74.125.83.47]:38201 "EHLO mail-pg0-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751437AbeCQB3j (ORCPT ); Fri, 16 Mar 2018 21:29:39 -0400 Received: by mail-pg0-f47.google.com with SMTP id a15so4760835pgn.5 for ; Fri, 16 Mar 2018 18:29:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=ykQWdLraR3tqdcRVFuayJt1tfuSvHsHNiTowCfvl/j8=; b=venkDRE1/PTJfAQUzp0cWedLdAAatJoqXr7szHxoOvenDqsiDu8KKp9BTYq9M5IoY4 gucAzBvfQs9ZdVhfUechVyum3P8CJgZGj10iwTinmNKZPbsL3KKpSvb/u0J31OTzCXf3 iLOhAZdtsmvevbe91mf7EaDgyTDiojVh4fl1b83FDimTV7Fhiw+2WCnM2ouaSjPCxKF1 E/+TWaEp8boPy61VYLyYFEFiopWkhk6P8fdbzidXPUmHo7yLEjHj26Mbisz/aZvnFafO 4VABS8fL5dsgGh1rId8QuJdZTLWbIzf5AAt6mALGJwlj/ZfrApRnIAMdZRLPHHjL5ls8 rZig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=ykQWdLraR3tqdcRVFuayJt1tfuSvHsHNiTowCfvl/j8=; b=imwjEBIeuOiuciaE8RU4cckySrAG6evDRvXyqPawhG9oBDbPY5HSq1Md68RU4l5/Uo OAoyemZtj4Dvj4epgceu4O3yTwoh7b8B2jQgNQq/+3omDa2RUiX5fKZB7Av/FDhGfaX+ a6Xz/LHfNNVvsRsOL6J/+3SLwJM7gVk8eOdA18EdDzlur88mmC5Lwxoqi3eYf6Ntp+b+ ZE+zreS1bldjxrIRjNv+xaBZBiPXKb8gAtWDF4tNVXvoQPAlDugVDepMxPsWIN1Hh8E+ g9cBu0dbWb61TbvVB9ogKjwlDYypPotuswTVJ8pBSqr6MbRltDHqmbyhDh1wBq6AZJ9t U1/g== X-Gm-Message-State: AElRT7G0wFa9II1UwOXz+S79iVRQFJCC3j3cUkOQpviDj4ybRNS/PpeP 4gfJYNZjyyhf86S8BMqLs/U= X-Received: by 10.98.69.196 with SMTP id n65mr3396823pfi.29.1521250179130; Fri, 16 Mar 2018 18:29:39 -0700 (PDT) Received: from localhost ([121.137.63.184]) by smtp.gmail.com with ESMTPSA id y21sm16599143pfm.31.2018.03.16.18.29.37 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 16 Mar 2018 18:29:37 -0700 (PDT) Date: Sat, 17 Mar 2018 10:29:35 +0900 From: Sergey Senozhatsky To: Petr Mladek Cc: Sergey Senozhatsky , Linus Torvalds , Steven Rostedt , Andy Shevchenko , Rasmus Villemoes , "Tobin C . Harding" , Joe Perches , Linux Kernel Mailing List , Andrew Morton , Michal Hocko , Sergey Senozhatsky Subject: Re: [PATCH v3] vsprintf: Prevent crash when dereferencing invalid pointers Message-ID: <20180317012935.GA6691@tigerII.localdomain> References: <20180309150153.3sxbbpd6jdn2d5yy@pathway.suse.cz> <20180314140947.rs3b6i5gguzzu5wi@pathway.suse.cz> <20180315075842.GD3628@jagdpanzerIV> <20180315080309.GF3628@jagdpanzerIV> <20180315130117.7c2fb761@vmware.local.home> <20180316011852.GA5139@jagdpanzerIV> <20180316055346.GB5139@jagdpanzerIV> <20180316085556.t3j65zyuyjzro3n3@pathway.suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180316085556.t3j65zyuyjzro3n3@pathway.suse.cz> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On (03/16/18 09:55), Petr Mladek wrote: [..] > I am not sure if it is worth it. I think that we would catch 99% of > problems by checking the first byte. > > This patch was motivated by a code clean up rather than bug reports. OK. Then I think we really need this "the patch is just good enough" line in the commit message and a big comment in the source code. Another idea (just an idea) - for some pointers we know the address range we are going to access and can check the first and the last byte. E.g. for UUID it's check_access(ptr) and check_access(ptr + len), and so on. Won't work for string() in general case, tho. -ss