lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Sep 2006 22:30:55 -0400 From: Theodore Tso <tytso@....edu> To: Eric Sandeen <esandeen@...hat.com> Cc: linux-ext4@...r.kernel.org Subject: Comments on respun 16T patches: group_desc_loops On Wed, Aug 30, 2006 at 01:18:21PM -0500, Eric Sandeen wrote: > http://people.redhat.com/esandeen/ext3/e2fsprogs-1.39-16T/e2fsprogs-hg-20060830-16T-patches.tar.gz In the group_desc_loops patches in the above tarball: >For loops iterating over all group descriptors, consistently define >first_block and last_block in a way that they are inclusive of the >range, and do not overflow. > >Previously on the last block group we did a test of <= first + dec_blocks; >this would actually wrap back to 0 for a total block count of 2^32-1 As far as I can tell this is not a problem. sb->s_last_block can be at most 2**32-1 --- which means that the last valid block number is actually 2**32-2, since block numbers are zero based. So as long as the handling of the last block group is correct, I don't think we actually need to make the <= to < change. It's not wrong to make the change, just not necessary as far as I can see. Also, there are some files for which the only change was variable names. That's fine, but the changelogs should state that. So there is a last block group handling bug in ext2fs_check_desc(), but I didn't see any other bugs that this patch would actually affect. Am I missing anything? Regards, - Ted - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists