lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 21 Feb 2021 18:14:06 -0500
From:   "Theodore Ts'o" <>
To:     Harshad Shirwadkar <>
Subject: Re: [PATCH 4/4] e2fsck: initialize variable before first use in fast
 commit replay

On Fri, Feb 19, 2021 at 01:03:33PM -0800, Harshad Shirwadkar wrote:
> From: Harshad Shirwadkar <>
> Initialize ext2fs_ex variable in ext4_fc_replay_scan() before first
> use.
> Signed-off-by: Harshad Shirwadkar <>

I wonder if we should make the following change to
ext2fs_decode_extent(), which will prevent other future bugs to
potential users of the function:

	to->e_pblk = ext2fs_le32_to_cpu(from->ee_start) +
		((__u64) ext2fs_le16_to_cpu(from->ee_start_hi)
			<< 32);
	to->e_lblk = ext2fs_le32_to_cpu(from->ee_block);
	to->e_len = ext2fs_le16_to_cpu(from->ee_len);
-	to->e_flags |= EXT2_EXTENT_FLAGS_LEAF;
+	to->e_flags = EXT2_EXTENT_FLAGS_LEAF;

ext2fs_decode_extent() overwrites all other members of the structure,
so we might as well just initialize e_flags as opposed to depending
the caller to initiaize *to just for the sake of to->e_flags.


					- Ted

Powered by blists - more mailing lists