lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 25 Jun 2021 08:40:33 -0400
From:   Wang Shilong <wangshilong1991@...il.com>
To:     linux-ext4@...r.kernel.org
Cc:     wangshilong1991@...il.com, Wang Shilong <wshilong@....com>
Subject: [PATCH] ext4: forbid U32_MAX project ID

From: Wang Shilong <wshilong@....com>

U32_MAX is reserved for special purpose,
qid_has_mapping() will return false if projid is
4294967295, dqget() will return NULL for it.

So U32_MAX is unsupported Project ID, fix to forbid
it.

Signed-off-by: Wang Shilong <wshilong@....com>
---
 fs/ext4/ioctl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c
index 31627f7dc5cd..f3a8d962c291 100644
--- a/fs/ext4/ioctl.c
+++ b/fs/ext4/ioctl.c
@@ -744,6 +744,9 @@ int ext4_fileattr_set(struct user_namespace *mnt_userns,
 	u32 flags = fa->flags;
 	int err = -EOPNOTSUPP;
 
+	if (fa->fsx_projid >= U32_MAX)
+		return -EINVAL;
+
 	ext4_fc_start_update(inode);
 	if (flags & ~EXT4_FL_USER_VISIBLE)
 		goto out;
-- 
2.27.0

Powered by blists - more mailing lists