Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp2214469rwb; Sat, 29 Jul 2023 02:11:10 -0700 (PDT) X-Google-Smtp-Source: APBJJlFF9IYHbbYtl5IR9RqYM1Q31Q3HuT/9tKQhTsM5hcFRWoI8hoyGGmnfQvEMnc6FCoWO57Dw X-Received: by 2002:a05:6a20:258a:b0:134:81bc:6ce9 with SMTP id k10-20020a056a20258a00b0013481bc6ce9mr4505189pzd.21.1690621870171; Sat, 29 Jul 2023 02:11:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690621870; cv=none; d=google.com; s=arc-20160816; b=dtwxtc4Nq+UvPy0Sn789ACRAtPPjm9ZpvMl+gEBrg0IxYxX6Cnhtibvf3oR19iBfkW 9SSGJllZpVYcAJi+WlBBI1HioDA5vJ1/6e6T6wETZPl+SOHb40LPEqOAjiGHvDOe1jjZ ErbQzTfqWN40vymeu7Vs5dsdaXVTdE50apAo4wYd+RCJ9eTzlsw6r4lWkPBiZbI8NE1/ UrzAiwzcUoY2+0EM+jkst/oKvaghu38PmvLE6gdOZHG2E4/9n5KbE/LornBeERxZmozd 01CCJdWU78Ki3iXsK4zi/b2OwR81KmpTw1vLcep0G1Iv8+irpycAnm2cx3QZYr8X7T/L v47Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=DdrHYPMQYLJmddGX94pvpJ6E88vmJebW8Rb2QWoBMLs=; fh=wmqMNpgci5YHdMpvVZAwRSD5EH87bvGwkF6cmhSvkR4=; b=RhwYg9y76uTZEFWiciUr5fjnGL68mTs/4OUqpfPFWMKrWgB0mh+Q9npsNMsYir0ec5 1cUF6/MfHBGDkkzLfMbQpBCoiKC0tlxUT8kCPvRViidLK/Munj04UMWoKk65X8hQJVtC HzSd61uT9IgJbgvIKvJms1q1fK88TPckdutyXI5nIMehEXES5fBPikb50mwoG9BhQzpx 4pk2eDfBHQ/H+LZsOhZzfktnIgV9HDbQwzEYNAlFCylE3YTcG7s5eAzuEKY0a/cNqG0U SMPTU+zQO4Tc7y+cMmJjkcgvO4Sgnyori9Ou5IXTmymSd79ltDniV+kt6x6+SdxMY81W zBIg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s62-20020a635e41000000b0056337aa2f02si4287293pgb.351.2023.07.29.02.10.58; Sat, 29 Jul 2023 02:11:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236631AbjG2H3q (ORCPT + 99 others); Sat, 29 Jul 2023 03:29:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229379AbjG2H3p (ORCPT ); Sat, 29 Jul 2023 03:29:45 -0400 Received: from 1wt.eu (ded1.1wt.eu [163.172.96.212]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id A1F7649D5; Sat, 29 Jul 2023 00:29:43 -0700 (PDT) Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id 36T7TXZF004173; Sat, 29 Jul 2023 09:29:33 +0200 Date: Sat, 29 Jul 2023 09:29:33 +0200 From: Willy Tarreau To: Thomas =?iso-8859-1?Q?Wei=DFschuh?= Cc: Shuah Khan , Zhangjin Wu , linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] selftests/nolibc: avoid buffer underrun in space printing Message-ID: <20230729072933.GF956@1wt.eu> References: <20230726-nolibc-result-width-v1-1-d1d2dc21844e@weissschuh.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20230726-nolibc-result-width-v1-1-d1d2dc21844e@weissschuh.net> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 26, 2023 at 08:08:13AM +0200, Thomas Wei?schuh wrote: > If the test description is longer than the status alignment the > parameter 'n' to putcharn() would lead to a signed underflow that then > gets converted to a very large unsigned value. > This in turn leads out-of-bound writes in memset() crashing the > application. > > The failure case of EXPECT_PTRER() used in "mmap_bad" exhibits this > exact behavior. > > Fixes: 8a27526f49f9 ("selftests/nolibc: add EXPECT_PTREQ, EXPECT_PTRNE and EXPECT_PTRER") > Signed-off-by: Thomas Wei?schuh Applied, thank you Thomas! Willy