oss-security - Re: Integer overflow in bttv driver

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Message-ID: <20170828094932.GA22546@kroah.com>
Date: Mon, 28 Aug 2017 11:49:32 +0200
From: Greg KH <greg@...ah.com>
To: 小雨 <1326397@...com>
Cc: linux-distros@...openwall.org, oss-security@...ts.openwall.com,
	security@...nel.org
Subject: Re: Integer overflow in bttv driver

On Mon, Aug 28, 2017 at 05:42:24PM +0800, 小雨 wrote:
> 
> > hello ,
> > 
> > I found a potential security problem which code located in https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c <https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c>.
> > 
> > In setup_window_lock function,as follows:
> > 
> > 
> > 
> > It did not check the clipcount param,causing a overflow.

Really?  What kernel version are you looking at?  The latest kernel tree
shows this, from the repo you link to above:
  https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c#L2098

what am I missing here?

Also, any specific reason you sent this to oss-security just a few
minutes after sending it to security@...nel.org?  I don't really care
for something like this that is not really an issue, but if it was,
well, you sure didn't give anyone a chance to actually fix it :)

thanks,

greg k-h

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.