I wrote a post: "Case study: Searching for a vulnerability pattern in the Linux kernel".
It's a funny story about #syzkaller, @Semmle @LGTM, Coccinelle and a "public 0day".https://a13xp0p0v.github.io/2019/08/10/cfu.html …
-
-
I double-checked and I was surprised to see that Coverity didn't see this issue. As
@tehjh pointed out, sparse has been warning about it for a while since it's a argument type violation (but with a constructed type). I wonder if we could trick gcc or clang into seeing it too.0 proslijeđenih tweetova 1 korisnik označava da mu se sviđa
Odgovor korisnicima @kees_cook @a13xp0p0v i sljedećem broju korisnika:
2 things go to my "kernel dev process peculiarities" collection: - another case of lost patch - "sparse pointing to a bug" does not mean anything: not on anybody's radar, fix is still lost, not sparse warning that allowed to recover the fix
23:57 - 13. kol 2019.
0 replies
0 proslijeđenih tweetova
2 korisnika označavaju da im se sviđa
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.