lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Sep 2009 11:06:18 +0800 From: Américo Wang <xiyou.wangcong@...il.com> To: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com> Cc: Wu Fengguang <fengguang.wu@...el.com>, viro@...iv.linux.org.uk, Andrew Morton <akpm@...ux-foundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "hugh.dickins@...cali.co.uk" <hugh.dickins@...cali.co.uk>, oleg@...hat.com Subject: Re: [RFC][PATCH][bugfix] more checks for negative f_pos handling (Was Re: Question: how to handle too big f_pos 2009/9/16 KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>: > Am�+1rico_Wang wrote: >> On Wed, Sep 16, 2009 at 4:44 PM, KAMEZAWA Hiroyuki >> <kamezawa.hiroyu@...fujitsu.com> wrote: >>> Ah, sorry. I should CC: you. >> >> >> No problem. :) >> >>>> > --- mmotm-2.6.31-Sep14.orig/fs/proc/base.c >>>> > +++ mmotm-2.6.31-Sep14/fs/proc/base.c >>>> > @@ -903,18 +903,30 @@ out_no_task: >>>> > >>>> > ?loff_t mem_lseek(struct file *file, loff_t offset, int orig) >>>> > ?{ >>>> > + ? ? ? struct task_struct *task = >>>> get_proc_task(file->f_path.dentry->d_inode); >>>> > + ? ? ? unsigned long long new_offset = -EINVAL; >>>> >>>> >>>> Why not make 'new_offset' as loff_t? This can make your code easier. >>>> >>> loff_t is "long long", I wanted "unsigned long long" for showing >>> f_pos here is treated as "unsigned". >>> >> >> >> Yeah, the same as for __verify_negative_pos_range(), right... >> >> >> <snip> >> >>>> > ? ? ? ?} >>>> > - ? ? ? force_successful_syscall_return(); >>>> > - ? ? ? return file->f_pos; >>>> > + ? ? ? if (new_offset < (unsigned long long)TASK_SIZE_OF(task)) { >>>> >>>> >>>> Hmm, why this check? >>>> >>> 2 reasons. >>> >>> ?1. If this lseek has to check something, this is it. >>> ?2. On architecture where 32bit program can ran on 64bit, >>> ? ? moving f_pos above 4G is out-of-range, for example. >>> >>> But mem_read() will catch any bad f_pos, anyway. So, just making >>> allow all f_pos here is maybe a choice. Considering lseek, >>> providing this range check here is not so bad. >> >> Ok, I misunderstood the macro 'TASK_SIZE_OF', then no problem. >> >> Reviewed-by: WANG Cong <xiyou.wangcong@...il.com> >> > Ah, very sorry. I noticed I didn't handle pread/pwrite, splice, etc... > I'll do retry. Yes? Not necessary... In man page, it said /proc/<pid>/mem can be accessed via open(), read(), fseek(), no pread(), no splice()... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists