lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 22 Feb 2013 12:55:57 -0500
From:	Theodore Ts'o <tytso@....edu>
To:	Eryu Guan <guaneryu@...il.com>, linux-ext4@...r.kernel.org,
	Zheng Liu <wenqing.lz@...bao.com>
Subject: Re: [PATCH] ext4: no need to remove extent if len is 0 in
 ext4_es_remove_extent()

This patch didn't apply since it was apparently against an older
version of the extents status patches.  Here is the version after I
fixed it up so it would apply into the current ext4 tree.  Zheng, can
you do a quick sanity check to make sure I didn't screw up anything?
Thanks!

Eryu, thanks for testing and submitting a bug fix!!

						- Ted

>From 7d46e5051453b2c4dfac4e31ae1afb30064cc404 Mon Sep 17 00:00:00 2001
From: Eryu Guan <guaneryu@...il.com>
Date: Fri, 22 Feb 2013 12:54:36 -0500
Subject: [PATCH] ext4: no need to remove extent if len is 0 in
 ext4_es_remove_extent()

len is 0 means no extent needs to be removed, so return immediately.
Otherwise it could trigger the following BUG_ON() in
ext4_es_remove_extent()

	end = lblk + len - 1;
	BUG_ON(end < lblk);

This could be reproduced by a simple truncate(1) command by an
unprivileged user

	truncate -s $(($((2**32 - 1)) * 4096)) /mnt/ext4/testfile

The same is true for __es_insert_extent().

Patched kernel passed xfstests regression test.

Signed-off-by: Eryu Guan <guaneryu@...il.com>
Signed-off-by: "Theodore Ts'o" <tytso@....edu>
Reviewed-by: Zheng Liu <wenqing.lz@...bao.com>
---
 fs/ext4/extents_status.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/fs/ext4/extents_status.c b/fs/ext4/extents_status.c
index 9f1380e..2be245b 100644
--- a/fs/ext4/extents_status.c
+++ b/fs/ext4/extents_status.c
@@ -392,6 +392,9 @@ static int __es_insert_extent(struct inode *inode, struct extent_status *newes)
 	struct rb_node *parent = NULL;
 	struct extent_status *es;
 
+	if (!len)
+		return 0;
+
 	while (*p) {
 		parent = *p;
 		es = rb_entry(parent, struct extent_status, rb_node);
@@ -456,6 +459,9 @@ int ext4_es_insert_extent(struct inode *inode, ext4_lblk_t lblk,
 	es_debug("add [%u/%u) %llu %llx to extent status tree of inode %lu\n",
 		 lblk, len, pblk, status, inode->i_ino);
 
+	if (!len)
+		return 0;
+
 	BUG_ON(end < lblk);
 
 	newes.es_lblk = lblk;
@@ -649,6 +655,9 @@ int ext4_es_remove_extent(struct inode *inode, ext4_lblk_t lblk,
 	es_debug("remove [%u/%u) from extent status tree of inode %lu\n",
 		 lblk, len, inode->i_ino);
 
+	if (!len)
+		return err;
+
 	end = lblk + len - 1;
 	BUG_ON(end < lblk);
 
-- 
1.7.12.rc0.22.gcdd159b

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ