lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C7A7645.8010906@rid-net.de>
Date:	Sun, 29 Aug 2010 17:01:25 +0200
From:	Andreas Rid <andreas@...-net.de>
To:	k-mio@...jp.nec.com
CC:	linux-ext4@...r.kernel.org
Subject: [patch] e4defrag: relevant file fragmentation: fix arithmetic error
 as non-root

hi Kazuya Mio,

I found a bug on your patch "[RFC][PATCH V2 5/5] e4defrag: add solving relevant file fragmentation mode"

The variable "blocks_per_group" is only initialized as root cause of restrict access to the super-block.
As a non root user this cause an arithmetic error in function relevant_balloc.

diff --git a/misc/e4defrag.c b/misc/e4defrag.c
index 3f1df05..6022758 100644
--- a/misc/e4defrag.c
+++ b/misc/e4defrag.c
@@ -1662,14 +1662,15 @@ static int relevant_balloc(const char *file, int donor_fd,
 
 		/* Allocating  all blocks in an extent group */
 		while (rest > 0) {
-			int grp_offset;
-			grp_offset = (pi.pi_pstart - first_data_block) % bpg;
-
 			pi.pi_len = rest;
-			if ((grp_offset + pi.pi_len) > bpg)
-				pi.pi_len = bpg - grp_offset;
-			if ((pi.pi_pstart + pi.pi_len) > fs_blocks_count)
-				pi.pi_len = fs_blocks_count - pi.pi_pstart;
+			if (current_uid == ROOT_UID) {
+				int grp_offset;
+				grp_offset = (pi.pi_pstart - first_data_block) % bpg;
+				if ((grp_offset + pi.pi_len) > bpg)
+					pi.pi_len = bpg - grp_offset;
+				if ((pi.pi_pstart + pi.pi_len) > fs_blocks_count)
+					pi.pi_len = fs_blocks_count - pi.pi_pstart;
+			}
 			pi.pi_len = min(pi.pi_len, PREALLOC_MAX_BLK);
 
 			ret = ioctl(donor_fd, EXT4_IOC_CONTROL_PA, &pi);
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ