lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 22 Dec 2009 14:31:37 -0800
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	ebb9@....net
Cc:	bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org,
	Ulrich Drepper <drepper@...hat.com>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Michael Kerrisk <mtk.manpages@...glemail.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [Bugme-new] [Bug 14832] New: futimens (AT_FDCWD, arg) should
 fail


(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Fri, 18 Dec 2009 16:08:29 GMT
bugzilla-daemon@...zilla.kernel.org wrote:

> http://bugzilla.kernel.org/show_bug.cgi?id=14832
> 
>            Summary: futimens (AT_FDCWD, arg) should fail
>            Product: File System
>            Version: 2.5
>           Platform: All
>         OS/Version: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: Other
>         AssignedTo: fs_other@...nel-bugs.osdl.org
>         ReportedBy: ebb9@....net
>         Regression: No
> 
> 
> According to POSIX 2008, futimens() shall fail with EBADF if fd is not a valid
> file descriptor.  AT_FDCWD, being negative, falls into this category.  Yet this
> program mistakenly changes the timestamps of the current directory, then
> aborts:
> 
> #include <sys/stat.h>
> #include <fcntl.h>
> #include <errno.h>
> #include <stdlib.h>
> int
> main ()
> {
>   if (futimens (AT_FDCWD, NULL) != -1 || errno != EBADF)
>     abort ();
> }
> 
> Since futimens is a library call on top of utimensat, the fix is to add a
> special case to the utimensat syscall that fails with EBADF if fd is negative
> when path is NULL.
> 

Confused.

: long do_utimes(int dfd, char __user *filename, struct timespec *times, int flags)
: {
: 	int error = -EINVAL;
: 
: 	if (times && (!nsec_valid(times[0].tv_nsec) ||
: 		      !nsec_valid(times[1].tv_nsec))) {
: 		goto out;
: 	}
: 
: 	if (flags & ~AT_SYMLINK_NOFOLLOW)
: 		goto out;
: 
: 	if (filename == NULL && dfd != AT_FDCWD) {
: 		struct file *file;
: 
: 		if (flags & AT_SYMLINK_NOFOLLOW)
: 			goto out;
: 
: 		file = fget(dfd);
: 		error = -EBADF;
: 		if (!file)
: 			goto out;
: 

afacit, if filename==NULL and dfd==-1 then fget() will return NULL and
the syscall returns -EBAFD.

Your report doesn't tell us what kernel version you're testing.  We did
fix a few things ni this area, but it was a long time ago.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ