lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190523124843.566-1-cgxu519@zoho.com.cn>
Date:   Thu, 23 May 2019 20:48:43 +0800
From:   Chengguang Xu <cgxu519@...o.com.cn>
To:     tytso@....edu, adilger.kernel@...ger.ca
Cc:     linux-ext4@...r.kernel.org, Chengguang Xu <cgxu519@...o.com.cn>
Subject: [PATCH] ext4: remove some redundant corruption checks

Remove some redundant corruption checks in
ext4_xattr_block_get() and ext4_xattr_ibody_get()
because ext4_xattr_check_entries() has done those
checks.

Signed-off-by: Chengguang Xu <cgxu519@...o.com.cn>
---
 fs/ext4/xattr.c | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index 491f9ee4040e..b74346f103a6 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -542,8 +542,6 @@ ext4_xattr_block_get(struct inode *inode, int name_index, const char *name,
 		goto cleanup;
 	size = le32_to_cpu(entry->e_value_size);
 	error = -ERANGE;
-	if (unlikely(size > EXT4_XATTR_SIZE_MAX))
-		goto cleanup;
 	if (buffer) {
 		if (size > buffer_size)
 			goto cleanup;
@@ -556,8 +554,6 @@ ext4_xattr_block_get(struct inode *inode, int name_index, const char *name,
 			u16 offset = le16_to_cpu(entry->e_value_offs);
 			void *p = bh->b_data + offset;
 
-			if (unlikely(p + size > end))
-				goto cleanup;
 			memcpy(buffer, p, size);
 		}
 	}
@@ -597,8 +593,6 @@ ext4_xattr_ibody_get(struct inode *inode, int name_index, const char *name,
 		goto cleanup;
 	size = le32_to_cpu(entry->e_value_size);
 	error = -ERANGE;
-	if (unlikely(size > EXT4_XATTR_SIZE_MAX))
-		goto cleanup;
 	if (buffer) {
 		if (size > buffer_size)
 			goto cleanup;
@@ -611,8 +605,6 @@ ext4_xattr_ibody_get(struct inode *inode, int name_index, const char *name,
 			u16 offset = le16_to_cpu(entry->e_value_offs);
 			void *p = (void *)IFIRST(header) + offset;
 
-			if (unlikely(p + size > end))
-				goto cleanup;
 			memcpy(buffer, p, size);
 		}
 	}
-- 
2.17.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ