lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20131021124731.GB2708@dhcp-13-216.nay.redhat.com> Date: Mon, 21 Oct 2013 20:47:31 +0800 From: Eryu Guan <guaneryu@...il.com> To: linux-ext4@...r.kernel.org Cc: Theodore Ts'o <tytso@....edu>, Lukáš Czerner <lczerner@...hat.com> Subject: Re: [PATCH v2] ext4: check for overlapping extents in ext4_valid_extent_entries() On Mon, Oct 21, 2013 at 07:59:54PM +0800, Eryu Guan wrote: > On Sun, Oct 20, 2013 at 09:27:27PM +0800, Eryu Guan wrote: > > A corrupted ext4 may have out of order leaf extents, i.e. > > > > extent: lblk 0--1023, len 1024, pblk 9217, flags: LEAF UNINIT > > extent: lblk 1000--2047, len 1024, pblk 10241, flags: LEAF UNINIT > > ^^^^ overlap with previous extent > > > > Reading such extent could hit BUG_ON() in ext4_es_cache_extent(). > > > > BUG_ON(end < lblk); > > > > The problem is that __read_extent_tree_block() tries to cache holes as > > well but assumes 'lblk' is greater than 'prev' and passes underflowed > > length to ext4_es_cache_extent(). Fix it by checking for overlapping > > extents in ext4_valid_extent_entries(). > > > > I hit this when fuzz testing ext4, and am able to reproduce it by > > modifying the on-disk extent by hand. > > > > Ran xfstests on patched ext4 and no regression. > > > > Cc: "Theodore Ts'o" <tytso@....edu> > > Cc: Lukáš Czerner <lczerner@...hat.com> > > Signed-off-by: Eryu Guan <guaneryu@...il.com> > > Self NAK, I found problems in tests, will think about it more. Ah, the error messages in dmesg I've seen are from previous tests, so there're no problems. Withdraw the self NAK. Sorry for the noise.. Thanks, Eryu -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists