| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201203142833.GI441757@mit.edu>
Date: Thu, 3 Dec 2020 09:28:33 -0500
From: "Theodore Y. Ts'o" <tytso@....edu>
To: xiakaixu1987@...il.com
Cc: linux-ext4@...r.kernel.org, adilger.kernel@...ger.ca,
Kaixu Xia <kaixuxia@...cent.com>
Subject: Re: [PATCH] ext4: do the quotafile name safe check before allocating
new string
On Mon, Oct 26, 2020 at 10:43:17PM +0800, xiakaixu1987@...il.com wrote:
> From: Kaixu Xia <kaixuxia@...cent.com>
>
> Now we do the quotafile name safe check after allocating the new string
> by using kmalloc(), and have to release the string with kfree() if check
> fails. Maybe we can check them before allocating memory and directly
> return error if check fails to avoid the unnecessary kmalloc()/kfree()
> operations.
>
> Signed-off-by: Kaixu Xia <kaixuxia@...cent.com>
> ---
> fs/ext4/super.c | 29 +++++++++++++----------------
> 1 file changed, 13 insertions(+), 16 deletions(-)
This patch reduces the line count by 3, which is good, but...
(a) It makes the code more complex, harder to read, and harder to be
sure things are correct:
compare:
> - if (strcmp(old_qname, qname) == 0)
with
> + if (strlen(old_qname) != args->to - args->from ||
> + strncmp(old_qname, args->from, args->to - args->from)) {
(b) This is optimizing the error path, which is uncommon, and saving
the allocation and free is not really worth trading off making the code
slightly harder to read and maintain.
So I don't think taking this patch is worthwhile.
Cheers,
- Ted
Powered by blists - more mailing lists