| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Mar 2018 16:59:13 -0800 From: Eric Biggers <ebiggers3@...il.com> To: linux-ext4@...r.kernel.org Cc: Eric Biggers <ebiggers@...gle.com> Subject: [PATCH 00/10] e2fsprogs: symlink fixes From: Eric Biggers <ebiggers@...gle.com> Hello, Here's a collection of fixes for symlink handling in e2fsprogs. This started out as a fix for e2fsck's handling encrypted symlinks, but it turned into several fixes for e2fsck's detection of bad symlinks (including unencrypted ones) as well as a couple fixes for creating symlinks via libext2fs. Please pay close attention to "e2fsck: validate the targets of extent-based symlinks" and "e2fsck: require that fast symlinks don't have EXT4_EXTENTS_FL", but I think they are safe. Eric Biggers (10): libext2fs: forbid creating symlinks using entire block libext2fs: make sure the system.data xattr gets created e2fsck: fix reading fscrypt_symlink_data.len e2fsck: validate that fscrypt_symlink_data.len is not too large e2fsck: validate fscrypt_symlink_data.len for fast symlinks too e2fsck: require i_size == fscrypt_symlink_data.len + 2 e2fsck: drop redundant checks of symlink i_size e2fsck: validate the targets of extent-based symlinks e2fsck: require that fast symlinks don't have EXT4_EXTENTS_FL tests: test e2fsck of bad symlinks e2fsck/pass1.c | 98 ++++++++++++------------ lib/ext2fs/inline_data.c | 50 ++++++------- lib/ext2fs/symlink.c | 15 ++-- tests/f_badsymlinks2/expect.1 | 114 ++++++++++++++++++++++++++++ tests/f_badsymlinks2/expect.2 | 7 ++ tests/f_badsymlinks2/image.gz | Bin 0 -> 14302 bytes tests/f_badsymlinks2/mkimage.sh | 127 ++++++++++++++++++++++++++++++++ tests/f_badsymlinks2/name | 1 + tests/f_create_symlinks/expect | 46 +++++++----- tests/f_create_symlinks/script | 8 +- 10 files changed, 365 insertions(+), 101 deletions(-) create mode 100644 tests/f_badsymlinks2/expect.1 create mode 100644 tests/f_badsymlinks2/expect.2 create mode 100644 tests/f_badsymlinks2/image.gz create mode 100755 tests/f_badsymlinks2/mkimage.sh create mode 100644 tests/f_badsymlinks2/name -- 2.16.2.395.g2e18187dfd-goog
Powered by blists - more mailing lists