lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Thu, 5 Jan 2023 19:28:11 +0000
From:   Eric Biggers <ebiggers@...nel.org>
To:     Theodore Ts'o <tytso@....edu>
Cc:     Lukas Czerner <lczerner@...hat.com>, linux-ext4@...r.kernel.org,
        Jeremy Bongio <bongiojp@...il.com>,
        Jeremy Bongio <jbongio@...gle.com>
Subject: Re: [e2fsprogs PATCH] tune2fs: fix setting fsuuid::fsu_len

On Thu, Jan 05, 2023 at 10:53:07AM -0800, Jeremy Bongio wrote:
> Thanks for catching that!
> 
> Reviewed-by: Jeremy Bongio <bongiojp@...il.com>
> 
> On Wed, Jan 4, 2023 at 2:39 AM Lukas Czerner <lczerner@...hat.com> wrote:
> 
> > On Wed, Jan 04, 2023 at 01:04:01AM -0800, Eric Biggers wrote:
> > > From: Eric Biggers <ebiggers@...gle.com>
> > >
> > > Minus does not mean equals.
> > >
> > > Besides fixing an obvious bug, this avoids the following compiler
> > > warning with clang -Wall:
> > >
> > > tune2fs.c:3625:20: warning: expression result unused [-Wunused-value]
> > >                         fsuuid->fsu_len - UUID_SIZE;
> > >                         ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~

The real thanks goes to the compiler for warning about this.

Ted, considering the build warnings (some of which are caused by actual bugs)
and build errors that regularly show up in new e2fsprogs releases, have you
considered adding some sort of CI to upstream e2fsprogs?

These days, a very common practice for projects on GitHub is to have a ci.yml
file in .github/workflows/ci.yml that enables testing with GitHub Actions, and
require that it passes before accepting pull requests.  That can include
enforcing a clean build with -Wall -Werror with both gcc and clang; building for
Linux, macOS, and Windows; build and testing on non-x86 architectures; enforcing
that the tests pass with sanitization options like ASAN and UBSAN enabled, etc.
Here's the one I use for fscryptctl which is pretty basic but shows a few things:
https://github.com/google/fscryptctl/blob/master/.github/workflows/ci.yml

Now, presumably e2fsprogs development isn't about to move to GitHub.  However,
it's still possible to just push to a fork of the repo on GitHub after applying
patches, and get all the results from GitHub Actions.

And it looks like e2fsprogs is already being mirrored at
https://github.com/tytso/e2fsprogs.

Ted, would you be interested in a .github/workflows/ci.yml file for e2fsprogs so
that CI results will be available at https://github.com/tytso/e2fsprogs/actions?

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ