lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YoQyW46RmvG7a1kE@mit.edu>
Date:   Tue, 17 May 2022 19:40:11 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Jan Kara <jack@...e.cz>
Cc:     linux-ext4@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH 1/2] ext4: Verify dir block before splitting it

On Thu, Apr 28, 2022 at 08:31:37PM +0200, Jan Kara wrote:
> Before splitting a directory block verify its directory entries are sane
> so that the splitting code does not access memory it should not.

This commit fails to build due to an undefined variable.  It's fixed
with this hunk in the next patch, which needs to be brought back into
this commit:

diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 5951e9bb348e..7286472e9558 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1278,7 +1278,7 @@ static int dx_make_map(struct inode *dir, struct buffer_head *bh,
 			count++;
 			cond_resched();
 		}
-		de = ext4_next_entry(de, blocksize);
+		de = ext4_next_entry(de, dir->i_sb->s_blocksize);
 	}
 	return count;
 }

I was thinking about folding in this change and apply the patch with
that change --- and I may yet do that --- but it looks like there's a
bigger problem with this patch series, which is that it's causing a
crash when running ext4/052 due to what appears to be a smashed stack.
More about that in the reply to patch 2/2 of this series....

						- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ