lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190828152556.GH24857@mit.edu> Date: Wed, 28 Aug 2019 11:25:56 -0400 From: "Theodore Y. Ts'o" <tytso@....edu> To: Jan Kara <jack@...e.cz> Cc: "zhangyi (F)" <yi.zhang@...wei.com>, linux-ext4@...r.kernel.org, adilger.kernel@...ger.ca Subject: Re: [PATCH] ext4: fix integer overflow when calculating commit interval On Mon, Aug 26, 2019 at 05:30:14PM +0200, Jan Kara wrote: > On Mon 26-08-19 22:35:47, zhangyi (F) wrote: > > If user specify a large enough value of "commit=" option, it may trigger > > signed integer overflow which may lead to sbi->s_commit_interval becomes > > a large or small value, zero in particular. > > > > UBSAN: Undefined behaviour in ../fs/ext4/super.c:1592:31 > > signed integer overflow: > > 536870912 * 1000 cannot be represented in type 'int' > > [...] > > Call trace: > > [...] > > [<ffffff9008a2d120>] ubsan_epilogue+0x34/0x9c lib/ubsan.c:166 > > [<ffffff9008a2d8b8>] handle_overflow+0x228/0x280 lib/ubsan.c:197 > > [<ffffff9008a2d95c>] __ubsan_handle_mul_overflow+0x4c/0x68 lib/ubsan.c:218 > > [<ffffff90086d070c>] handle_mount_opt fs/ext4/super.c:1592 [inline] > > [<ffffff90086d070c>] parse_options+0x1724/0x1a40 fs/ext4/super.c:1773 > > [<ffffff90086d51c4>] ext4_remount+0x2ec/0x14a0 fs/ext4/super.c:4834 > > [...] > > > > Although it is not a big deal, still silence the UBSAN by limit the > > input value. > > > > Signed-off-by: zhangyi (F) <yi.zhang@...wei.com> > > Looks good to me. You can add: > > Reviewed-by: Jan Kara <jack@...e.cz> Thanks, applied. - Ted
Powered by blists - more mailing lists