lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20120805222105.05B4011FC6A@bugzilla.kernel.org>
Date:	Sun,  5 Aug 2012 22:21:05 +0000 (UTC)
From:	bugzilla-daemon@...zilla.kernel.org
To:	linux-ext4@...r.kernel.org
Subject: [Bug 45631] Caught 32-bit read from uninitialized memory in
 ext4_da_get_block_prep

https://bugzilla.kernel.org/show_bug.cgi?id=45631


Theodore Tso <tytso@....edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tytso@....edu




--- Comment #1 from Theodore Tso <tytso@....edu>  2012-08-05 22:21:04 ---
It's a false positive in that this isn't going to actually cause an actual bug;
we're just saving and restoring an uninitialized value if we have a error.  The
fact that we do this is no big deal, since if i_da_metadata_calc_len is zero,
the value of i_data_metadata_calc_last_lblock is never consulted.  So if we
save an uninitialized value, and then later restore it, it really doesn't
matter from a correctness point of view.

That being said, triggering a kmemcheck failure is sad, even if it's not a real
bug, so I agree we should fix it.  The most expedient and most efficient fix is
to simply initialize i_data_metadata_calc_last_lblock to zero in
ext4_alloc_inode(); this is where we initialize i_data_metadata_calc_len to
zero, and if we initialize the last_lblock to zero, it won't matter, and it
saves us from having to adding an extra conditional in
ext4_da_get_block_prep().

- Ted

-- 
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ