| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Aug 2010 17:01:25 +0200
From: Andreas Rid <andreas@...-net.de>
To: k-mio@...jp.nec.com
CC: linux-ext4@...r.kernel.org
Subject: [patch] e4defrag: relevant file fragmentation: fix arithmetic error
as non-root
hi Kazuya Mio,
I found a bug on your patch "[RFC][PATCH V2 5/5] e4defrag: add solving relevant file fragmentation mode"
The variable "blocks_per_group" is only initialized as root cause of restrict access to the super-block.
As a non root user this cause an arithmetic error in function relevant_balloc.
diff --git a/misc/e4defrag.c b/misc/e4defrag.c
index 3f1df05..6022758 100644
--- a/misc/e4defrag.c
+++ b/misc/e4defrag.c
@@ -1662,14 +1662,15 @@ static int relevant_balloc(const char *file, int donor_fd,
/* Allocating all blocks in an extent group */
while (rest > 0) {
- int grp_offset;
- grp_offset = (pi.pi_pstart - first_data_block) % bpg;
-
pi.pi_len = rest;
- if ((grp_offset + pi.pi_len) > bpg)
- pi.pi_len = bpg - grp_offset;
- if ((pi.pi_pstart + pi.pi_len) > fs_blocks_count)
- pi.pi_len = fs_blocks_count - pi.pi_pstart;
+ if (current_uid == ROOT_UID) {
+ int grp_offset;
+ grp_offset = (pi.pi_pstart - first_data_block) % bpg;
+ if ((grp_offset + pi.pi_len) > bpg)
+ pi.pi_len = bpg - grp_offset;
+ if ((pi.pi_pstart + pi.pi_len) > fs_blocks_count)
+ pi.pi_len = fs_blocks_count - pi.pi_pstart;
+ }
pi.pi_len = min(pi.pi_len, PREALLOC_MAX_BLK);
ret = ioctl(donor_fd, EXT4_IOC_CONTROL_PA, &pi);
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists