| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Dec 2012 11:15:19 +0800
From: Chen Gang <gang.chen@...anux.com>
To: Theodore Ts'o <tytso@....edu>
CC: jack@...e.cz, akpm@...ux-foundation.org, linux-ext4@...r.kernel.org
Subject: Re: [PATCH] fs/ext3: use kzalloc instead of kmalloc
于 2012年12月26日 02:48, Theodore Ts'o 写道:
> On Mon, Dec 24, 2012 at 01:28:53PM +0800, Chen Gang wrote:
>>
>> better to use kzalloc instead of kmalloc.
>> if acl_e->e_tag is neither ACL_USER, nor ACL_GROUP.
>> entry->e_id will not be initialized
>>
>> we can not say it is a bug, but suggest to initialize it, too.
>>
>> Signed-off-by: Chen Gang <gang.chen@...anux.com>
>
> This shouldn't be a problem, since if e_tag is not ACL_USER nor
> ACL_GROUP, the on-disk encoding does not include e_id at all.
>
ok, thanks. it is my fault.
:-)
> That being said, it looks to me there's another bug hiding here. The
> size of the extended attribute is calculated by ext3_acl_size(), and
> it looks totally wrong. For one thing, it caluclates the size of the
> xattr assuming all of the stored encoding ext3_acl_entry_short ---
> which would not be the case if we had a acl entry of type ACL_USER or
> ACL_GROUP.
>
> But if that were the case, it would mean that we would not be storing
> the full acl entry on disk, which would be a pretty horrible and
> obvious breakage.
>
checking the ext3_acl_size, it does not like what you said above.
but we can say, the design for ext3_acl_size is really not quit well.
(maybe can cause issue).
26 static inline size_t ext3_acl_size(int count)
27 {
28 if (count <= 4) {
29 return sizeof(ext3_acl_header) +
30 count * sizeof(ext3_acl_entry_short);
31 } else {
32 return sizeof(ext3_acl_header) +
33 4 * sizeof(ext3_acl_entry_short) +
34 (count - 4) * sizeof(ext3_acl_entry);
35 }
36 }
> I haven't had time to check this yet, but I wanted to flag this so
> hopefully someone else should double check this..... It would seem to
> me that the better thing to do would be to calculate the size as part
> of the for loop in ext3_acl_to_disk(), and drop ext3_acl_size() from
> acl.h. (This code exists in ext4 as well, so if we have a bug in
> ext3, we would have a similar bug in ext4.)
>
at least, for my idea:
your design for ext3_acl_size is a standard one.
it is necessary to use your design instead of original design.
if you also like me to provide the relative patch, please tell me.
thanks.
gchen.
>
> - Ted
>
>
--
Chen Gang
Asianux Corporation
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists