lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 7 Oct 2013 21:09:18 -0300
From:	Geyslan Gregório Bem <geyslan@...il.com>
To:	Joe Perches <joe@...ches.com>
Cc:	Eric Van Hensbergen <ericvh@...il.com>, rminnich@...dia.gov,
	lucho@...kov.net, v9fs-developer@...ts.sourceforge.net,
	linux-kernel@...r.kernel.org,
	kernel-br <kernel-br@...glegroups.com>
Subject: Re: [PATCH] 9p: unsigned/signed wrap in p9/unix modes.

Joe,

Thank you for reply.

What do you think about:

                 strncpy(ext, stat->extension, sizeof(ext));
+                 if (sscanf(ext, "%c %u %u", &type, &major, &minor) < 3) {
+                                  p9_debug(P9_DEBUG_ERROR,
+                                  "It's necessary define type, major
and minor values when using P9_DMDEVICE");
+                                  return res;
+                 }
                 switch (type) {
                 case 'c':
                         res |= S_IFCHR;
                         break;
...
                 *rdev = MKDEV(major, minor);

Geyslan Gregório Bem
hackingbits.com


2013/10/7 Joe Perches <joe@...ches.com>:
> On Mon, 2013-10-07 at 19:19 -0300, Geyslan G. Bem wrote:
>> Changes the sign type to unsigned, avoiding the possibility of
>> wrap when ORing the p9 or unix bit modes.
> []
>> diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c
> []
>> @@ -144,7 +144,7 @@ static umode_t p9mode2unixmode(struct v9fs_session_info *v9ses,
>>       else if ((mode & P9_DMDEVICE) && (v9fs_proto_dotu(v9ses))
>>                && (v9ses->nodev == 0)) {
>>               char type = 0, ext[32];
>> -             int major = -1, minor = -1;
>> +             u32 major = 0, minor = 0;
>>
>>               strlcpy(ext, stat->extension, sizeof(ext));
>>               sscanf(ext, "%c %u %u", &type, &major, &minor);
>
> This bit changes the MKDEV below it.
>
> I would think that the sscanf return should be
> checked for 3 and maybe MKDEV should not be
> constructed when it's not.
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ