lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 29 Jun 2012 20:52:51 +0400
From:	Andrew Perepechko <anserper@...ru>
To:	linux-ext4@...r.kernel.org
Subject: dead/wrong code in ext3/4_releasepage()

Hello!

The implementation of ext4_releasepage() for many kernel versions
(as well as current git) is the following:

static int ext4_releasepage(struct page *page, gfp_t wait)
{
         journal_t *journal = EXT4_JOURNAL(page->mapping->host);

         trace_ext4_releasepage(page);

         WARN_ON(PageChecked(page));
         if (!page_has_buffers(page))
                 return 0;
         if (journal)
                 return jbd2_journal_try_to_free_buffers(journal, page, 
wait);
         else
                 return try_to_free_buffers(page);
}

The "if (!page_has_buffers(page))" check seems to be attempting to
handle the "nobh" case. However, the correct return value for this case
seems to be 1 (success), not 0 (failure).

This does not lead to oom or any similar issue since calls to 
try_to_release_page()
are accompanied by page_has_private() checks.

If ->release_page() can be called without a prior check, then
the return code is wrong. Otherwise, the check is dead code.

What do you think?

Thank you,
Andrew
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ