| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Sep 2012 11:37:01 -0400 From: Theodore Ts'o <tytso@....edu> To: Eric Sandeen <sandeen@...hat.com> Cc: Carlos Maiolino <cmaiolino@...hat.com>, linux-ext4@...r.kernel.org Subject: Re: [v2] ext4: fix possible non-initialized variable On Mon, Sep 17, 2012 at 10:30:46AM -0500, Eric Sandeen wrote: > fwiw, the uninit variable came about as part of > 2ed886852adfcb070bf350e66a0da0d98b2f3ab5; before that we happily > returned 0 for an unmapped block; see below. So unless something > else has changed since then, Carlos' patch shouldn't be doing any > harm, at least. An audit may be in order but anyone > misunderstanding a NULL/0 return has probably been that way for a > while. Hmm, good point. This is an audit that needs to happen for ext3 and ext4 as well, BTW --- the callers of ext3_getblk() don't do the right thing when ext3_getblk returns NULL and sets *errp to zero. Fortunately it's rare that we have directories with holes, but there are definitely bugs in terms of undefined behavior in the case of directories with holes that we should look at and fix. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists