Re: [PATCH] cryptui: use add_oid_to_usage correctly (Coverity)
On Sat, Feb 2, 2013 at 5:05 AM, Marcus Meissner wrote: > On Fri, Feb 01, 2013 at 03:48:27PM -0800, Juan Lang wrote: > > On Fri, Feb 1, 2013 at 3:45 PM, Juan Lang wrote: > > > > > Hi Marcus, > > > > > > -add_oid_to_usage(usage, ptr); > > > +usage = add_oid_to_usage(usage, ptr); > > > > > > This looks fine, but would you mind making the same change on line 337? > > > > > > Actually, perhaps I hit sent too early. If this memory allocation > fails, > > which is the only situation under which add_oid_to_usage doesn't just > > return its first parameter, it'll immediately crash on the next > invocation > > with a NULL pointer dereference. > > > > I'm not sure it's worth all the trouble in an out of memory situation. > > Perhaps just remove the return value and let the caller crash. > > Actually the loop around checks that as a condition and would lead to > return NULL: > > for (ptr = usageStr, comma = strchr(ptr, ','); usage && ptr && > *ptr; > > For the second one the loop around does not catch it. > > I think the add_oid_to_usage() should not even do it this way and not > touch "usage" > at all, but instead return a memory allocation error and let the caller > handle it:/ > > Or just let it crash. > Yeah, I think just letting it crash is better than trying to sort it all out. Thanks, and sorry for the confusing and buggy code :/ --Juan
Re: [PATCH] cryptui: use add_oid_to_usage correctly (Coverity)
On Fri, Feb 01, 2013 at 03:48:27PM -0800, Juan Lang wrote: > On Fri, Feb 1, 2013 at 3:45 PM, Juan Lang wrote: > > > Hi Marcus, > > > > -add_oid_to_usage(usage, ptr); > > +usage = add_oid_to_usage(usage, ptr); > > > > This looks fine, but would you mind making the same change on line 337? > > > > Actually, perhaps I hit sent too early. If this memory allocation fails, > which is the only situation under which add_oid_to_usage doesn't just > return its first parameter, it'll immediately crash on the next invocation > with a NULL pointer dereference. > > I'm not sure it's worth all the trouble in an out of memory situation. > Perhaps just remove the return value and let the caller crash. Actually the loop around checks that as a condition and would lead to return NULL: for (ptr = usageStr, comma = strchr(ptr, ','); usage && ptr && *ptr; For the second one the loop around does not catch it. I think the add_oid_to_usage() should not even do it this way and not touch "usage" at all, but instead return a memory allocation error and let the caller handle it:/ Or just let it crash. Ciao, Marcus
Re: [PATCH] Support for game DRM which overwrite the GS segment selector
On Jan 31, 2013 8:15 AM, "Alessandro Pignotti" wrote: > > Hi again, > > I've quickly implemented the aforementioned idea of fixing the segment > in the segfault handler when needed. I'm attaching my proposed patch. > > Alessandro > > Il giorno mer, 30/01/2013 alle 16.44 +0100, Alessandro Pignotti ha > scritto: > > Hi everyone, > > > > I'm trying to get a specific game which employs a seemingly custom > > protection scheme to work. The DRM does various bad things as usual, but > > a very bad one is manipulating to GS segment selector and setting it to > > a NULL segment. The GS segment is used by libc though in various ways > > (stack protection and syscall support, and probably others). > > > > I managed to get the activation procedure to go further and further by > > enclosing each offending syscall using the following 2 macros. > > > > #define SAFE_GS_START \ > > do { \ > > wine_set_gs(ntdll_get_thread_data()->gs); \ > > do > > > > #define SAFE_GS_END \ > > while(0); \ > > } while(0) > > > > Still, this method is very cumbersome since system calls happens in many > > places even outside of ntdll. Fixing the GS is also needed to support > > sigsetjmp which is used by wine's exception handling. > > > > I'd like to ask for feedback about what would be a sane way of > > supporting this application. A possible solution would be to modify > > wine's segfault handler to check if the instruction has a GS prefix > > (0x65 IIRC) and try to execute the instruction again after fixing the > > GS. > > > > Please keep me in CC since I'm not subscribed to the ML. > > > > Regards, > > Alessandro Pignotti Out of curiosity, what game is this? What protection does Protection ID show it uses?