lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 15 Nov 2007 11:45:14 -0700
From:	Andreas Dilger <adilger@....com>
To:	Theodore Ts'o <tytso@....edu>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: test for EA validity checking

On Nov 10, 2007  05:10 -0700, Andreas Dilger wrote:
> Attached is a test image for extended attribute block checking.
> This small image contains a number of different kinds of corruptions
> (bad magic, bad checksum, empty block, bad EA block number), as well
> as an old-format (v1) EA, and a valid v2 EA.

Attached is an updated patch with a new test image, that includes a
corrupt EA set on a block device.  That had been causing us some
e2fsck heartburn because of random inode table corruption.

This goes along with an updated "expand-extra-isize" patch.  The root of
the problem was that I had added an extra check to verify the EA magic
in ext2fs_read_ext_attr(), but the return value of this function was used
in check_blocks() to set pctx->errcode, and later in check_ext_attr() the
non-zero value of pctx->errcode caused an abort when
ext2fs_inode_has_valid_blocks() was false and it caused PR_1_BLOCK_ITERATE
to be hit (a fatal error).

I ended up checking the magic in all of the ext2fs_read_ext_attr() callsites,
but IMHO the library should at least be doing basic validity checking like
this.

One question that remains unclear is whether pctx->errcode being set from
the early call of check_ext_attr() should cause check_blocks() to abort?
In the common regular-file/directory/slow-symlink case pctx->errcode is
reset by the call to ext2fs_block_iterate2(), so it would seem reasonable
to go back to checking EA magic in ext2fs_read_ext_attr(), and then clearing
pctx->errcode in check_ext_attr() if the problem is fixed.

Cheers, Andreas
--
Andreas Dilger
Sr. Software Engineer, Lustre Group
Sun Microsystems of Canada, Inc.


Download attachment "e2fsprogs-tests-f_ea_checks.patch" of type "application/octet-stream" (4938 bytes)

View attachment "e2fsprogs-expand-extra-isize.patch" of type "text/plain" (50457 bytes)

Powered by blists - more mailing lists