| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <498DAA9A.8030309@ph.tum.de>
Date: Sat, 07 Feb 2009 16:36:58 +0100
From: Thiemo Nagel <thiemo.nagel@...tum.de>
To: Theodore Tso <tytso@....edu>
CC: Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: [PATCH] introduce range check for extent pblock references
This time I have aimed to catch all cases in which an invalid physical
block might be used and implemented checks directly in ext_pblock() and
idx_pblock() following the assumption that most of the times one of
these functions is called a device access to that address will follow.
If you think this is too heavy, I could also split the check from the
pblock calculation, but in that case I could only guess at which of the
several accesses to *_pblock() in extents.c a check would be necessary
and where it wouldn't and there would be the possibility of missing
something.
Another thing I'm unsure about is uninitialised extents, here my
heuristic again was that ext_pblock() wouldn't be called if there was
not an access to follow, so I didn't include a condition that would
excempt them from the check.
The attached patch has only been mildly tested.
And I'm pretty new to linux and ext4, so there might be stupid mistakes.
Signed-off-by: Thiemo Nagel <thiemo.nagel@...tum.de>
View attachment "patch2" of type "text/plain" (16030 bytes)
Powered by blists - more mailing lists