lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 5 Mar 2013 13:18:56 +0100
From:	Jan Kara <jack@...e.cz>
To:	linux-ext4@...r.kernel.org
Cc:	tytso@....edu
Subject: Mixup with name_len & file_type in e2fsprogs

  Hello,

  I was looking into a bug where application using e2fslib was complaining
about file_type > 7. Now the problem is that this is on big endian system
and ext2fs_dir_iterate() ends up calling ext2fs_dirent_swab_in() without
EXT2_DIRBLOCK_V2_STRUCT flag set so name_len is treated as 2 byte and
swapped. There's actually no way to pass that flag from directory iteration
functions to ext2fs_dirent_swab_in() and even worse looking into various
directory handling code in libext2fs if that flag was *ever* used, they
will get seriously confused because they expect (dirent->name_len & 0xff)
to be the real name length but on big endian systems with
EXT2_DIRBLOCK_V2_STRUCT set that isn't true anymore (real name length ends
up in the high byte of the word).

The application could obviously just do what libext2fs does all the time
and use old struct ext2_dir_entry, extract file_type as (name_len >> 8), and
name length as (name_len & 0xff) but that just seems wrong... Rather
directory functions in libext2fs should use EXT2_FEATURE_INCOMPAT_FILETYPE
to recognize what directory structure to use and act accordingly. But that
would be a non-trivial change and we'll have to update also some user
interfaces. So would people find such cleanup useful?

								Honza
-- 
Jan Kara <jack@...e.cz>
SUSE Labs, CR
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ