| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Apr 2010 18:54:49 +0530 From: Nikanth Karthikesan <knikanth@...e.de> To: Alexander Viro <viro@...iv.linux.org.uk> Cc: linux-fsdevel@...r.kernel.org, "Theodore Ts'o" <tytso@....edu>, Andreas Dilger <adilger@....com>, linux-ext4@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Eelis <opensuse.org@...tacts.eelis.net> Subject: [PATCH] Prevent creation of files larger than RLIMIT_FSIZE using fallocate Prevent creation of files larger than RLIMIT_FSIZE using fallocate. Currently using posix_fallocate one can bypass an RLIMIT_FSIZE limit and create a file larger than the limit. Add a check for new size in the fallocate system call. File-systems supporting fallocate such as ext4 are affected by this bug. Signed-off-by: Nikanth Karthikesan <knikanth@...e.de> Reported-by: Eelis - <opensuse.org@...tacts.eelis.net> --- diff --git a/fs/open.c b/fs/open.c index 74e5cd9..95ce069 100644 --- a/fs/open.c +++ b/fs/open.c @@ -412,10 +412,14 @@ int do_fallocate(struct file *file, int mode, loff_t offset, loff_t len) if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) return -ENODEV; - /* Check for wrap through zero too */ - if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) + /* Check for wrap through zero */ + if (offset+len < 0) return -EFBIG; + ret = inode_newsize_ok(inode, (offset + len)); + if (ret) + return ret; + if (!inode->i_op->fallocate) return -EOPNOTSUPP; -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists