lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 16 Jul 2018 14:17:34 +0100
From:   Alan Cox <gnomes@...rguk.ukuu.org.uk>
To:     Anatoly Trosinenko <anatoly.trosinenko@...il.com>
Cc:     viro@...iv.linux.org.uk,
        OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>,
        akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: FAT: Operating on broken FAT FS causes the write syscall to
 return negative number not equal to -1

> Oops, I was just doing some testing and thought that correct behavior
> for crafted FS is to return arbitrary valid error code (like -EIO) or
> some arbitrary data, say, not larger than FS (not disclosing the
> kernel memory, of course). Please excuse me if I was wrong. If fixing
> this would slow down some hot code path, then I am not insisting on
> returning valid errno. :)
> 
> Meanwhile, how should be considered such discrepancies with man pages
> for invalid FS images: should it be considered low priority bug,
> not-a-bug or feature request (diagnostics)?

If you can crash the machine or exploit it with a carefully crafted disk
then its serious. If you get weird behaviour only it's not too serious.

It's nice (but often not possible) if a filesystem at least forces itself
R/O when it detects a corruption to avoid doing more damage.

Alan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ