| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Sep 2012 15:26:04 -0300 From: Carlos Maiolino <cmaiolino@...hat.com> To: linux-ext4@...r.kernel.org Subject: Re: [v2] ext4: fix possible non-initialized variable On Mon, Sep 17, 2012 at 11:37:01AM -0400, Theodore Ts'o wrote: > On Mon, Sep 17, 2012 at 10:30:46AM -0500, Eric Sandeen wrote: > > fwiw, the uninit variable came about as part of > > 2ed886852adfcb070bf350e66a0da0d98b2f3ab5; before that we happily > > returned 0 for an unmapped block; see below. So unless something > > else has changed since then, Carlos' patch shouldn't be doing any > > harm, at least. An audit may be in order but anyone > > misunderstanding a NULL/0 return has probably been that way for a > > while. > > Hmm, good point. > > This is an audit that needs to happen for ext3 and ext4 as well, BTW > --- the callers of ext3_getblk() don't do the right thing when > ext3_getblk returns NULL and sets *errp to zero. > > Fortunately it's rare that we have directories with holes, but there > are definitely bugs in terms of undefined behavior in the case of > directories with holes that we should look at and fix. > > - Ted > Ted, based on this conversation, is there anything else I should do to have this patch accepted? btw, I can review the callers for ext4_bread() and ext3_getblk in order to audit it, is that ok for you? -- --Carlos -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists