On Thu, Jan 24, 2008 at 03:06:58PM -0600, Eric Sandeen wrote: > Willy Tarreau wrote: > > Hi Dann, > > > > On Wed, Jan 23, 2008 at 11:12:12PM -0700, dann frazier wrote: > >> This is a 2.4 backport of a linux-2.6 change by Eric Sandeen > >> (commit be6aab0e9fa6d3c6d75aa1e38ac972d8b4ee82b8) > >> > >> CVE-2006-5753 was assigned for this issue. > >> > >> I've built and boot-tested this, but I'm not sure how to exercise > >> these codepaths. > > > > I have no idea either. Let's consider that if nobody on the list knows > > how to do so, I'll merge it since you did not notice any regression. > > > > Thanks, > > Willy > > > > Sorry... here you go. Forgot to post this sooner. I hit it with > this on 2.6.x > > #include <stdio.h> > #include <sys/types.h> > #include <sys/errno.h> > > static int return_EIO(void) > { > return -EIO; > } > > int main(int argc, char ** argv) > { > ssize_t error; > ssize_t realerror = -EIO; > ssize_t (*fn_ptr)(void); > > fn_ptr = (void *)return_EIO; > > error = (ssize_t)fn_ptr(); > printf("and... error is %ld, should be %ld\n", error, realerror); > return 0; > }
Thanks Eric. Sounds like my comment about exercising these code paths wasn't too clear - the comments with your patch do make the issue clear, and this program demonstrates the void cast promotion issue well. I'm just not sure of a good way to demonstrate that my backport of this patch doesn't break anything for 2.4. -- dann frazier -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/