lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 16 Jul 2008 12:31:48 -0400
From:	Theodore Tso <tytso@....edu>
To:	"Jose R. Santos" <jrs@...ibm.com>
Cc:	Goswin von Brederlow <goswin-v-b@....de>,
	linux-ext4@...r.kernel.org
Subject: Re: [PATCH 15/15][e2fsprogs] 64-bit mke2fs cleanup

On Wed, Jul 16, 2008 at 10:18:17AM -0500, Jose R. Santos wrote:
> > It's really important when doing library design to think about future
> > expandability.
> 
> This would not be a API or ABI change so I don't see why another
> renaming function would be needed.  It also doesn't change the
> behavior of ext2fs_get_device_size2() since it returns EFBIG when a
> device is larger than what e2fsprogs currently supports, whether that
> 48bit or 64bits.  Putting the limit ext2fs_get_device_size2() avoid
> folks from abusing something that probably isn't supported. 

E2fsprogs utilities are somewhat entitled to assume that they will be
running with a version of libext2fs which is the same as the one that
they shipped with --- although sometimes that assumption can be false,
particularly when people are building a newer version of e2fsprogs
from source and forget to install the newer libraries or forget to set
LD_LIBRARY_PATH if they are building with dynamic libraries.

However there may be other users of that interface, and they won't
know if version of that library they are calling is set to return
EFBIG on a 48bit or 64bit number.  Besides, there may be other
application users of that function where it would be useful to get the
size of a device which is larger than 48-bits, even if mke2fs and ext4
today doesn't support it.  This is just good library design not to
enforce limits like this in a fairly generic function.

Finally, in many programming discplines you *do* rename the function
whenever you make major semantic changes to the function, not just for
API or ABI changes.  Otherwise a newer program might depend on
ext2fs_get_device_size() returning a 64-bit size, and then it might
get very confused or fail in unexpected ways if it is linked with an
older library that returns EFBIG if the number is bigger than 48 bits.

It's just a matter of how defensive you want to be in your
programming, and how general-purpose you want you library routines to
be.

Regards,

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ