lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 18 Oct 2011 10:27:32 +0800
From:	Tao Ma <tm@....ma>
To:	Ted Ts'o <tytso@....edu>
CC:	linux-ext4@...r.kernel.org
Subject: Re: [PATCH] ext4: Check extent overflow with the right range.

Hi Ted,
On 10/17/2011 10:16 PM, Ted Ts'o wrote:
> On Mon, Oct 17, 2011 at 04:45:28PM +0800, Tao Ma wrote:
>> From: Tao Ma <boyu.mt@...bao.com>
>>
>> In 4fd30c033, we move the range check before we change ix to avoid the memory stamp.
>> But actually we should check against the EXT_MAX_INDEX, not EXT_LAST_INDEX.
>>
>> So this patch revert the old patch and adds a new check before we setting ix.
>>
>> Cc: "Theodore Ts'o" <tytso@....edu>
>> Signed-off-by: Tao Ma <boyu.mt@...bao.com>
>> ---
>> Ted, since 4fd30c033 is in your dev branch, I am fine to integrate these 2 patches to one.
> 
> 
> Hi Tao,
> 
> I have integrated this with the the existing patch in dev branch (since
> it isn't in the master branch yet, and hence hasn't been locked down).
> 
> I'm wondering though how you originally ran into this case, though.
> If there is no more room in the tree node, we should have never
> entered ext4_ext_extent_index() in the first place.  Was this a
> theoretical concern or did you actually see this happen.  And if so,
> was it due to a file system corruption, or another bug someplace else.
We have met with some corruption, but not sure whether it is related to
this or not. To be honest, we went through the code and find that this
may be a possible cause. So if you think it could never happen, we are
OK to drop this patch.

Thanks
Tao
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ