lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20061017195022.GA23792@dreamland.darkstar.lan>
Date:	Tue, 17 Oct 2006 21:50:22 +0200
From:	Luca Tettamanti <kronos.it@...il.com>
To:	Joerg Schilling <Joerg.Schilling@...us.fraunhofer.de>
Cc:	ismail@...dus.org.tr, linux-kernel@...r.kernel.org
Subject: Re: Linux ISO-9660 Rock Ridge bug needs fix

Il Tue, Oct 17, 2006 at 08:16:07PM +0200, Joerg Schilling ha scritto: 
> Ismail Donmez <ismail@...dus.org.tr> wrote:
> 
> > I was just trying a fast hack to see it works ;-) but iso files produced by 
> > latest mkisofs works fine even without patching.
> 
> Did you _really_ use the latest mkisofs?

Yes, of course. As I said, the size of PX record is different:

000b820: 0100 5350 0701 beef 0052 5205 0181 5058  ..SP.....RR...PX
000b830: 2c01 6d41 0000 0000 416d 0200 0000 0000  ,.mA....Am......
         ^^ size is 44

but isofs (I'm using 2.6.19-rc2) doesn't care. If I'm reading the code
correctly record size is validated against (dentry size - name len -
records already parsed); it may be possibile to trigger the failure with
a certain combination of records (directory relocation?).
With my patch it should never happens that expected attributes size is
greater than dentry size.
Anyway, if you have a (small) image that triggers the error I can double
check the code.


Luca
-- 
#include <stdio.h> 
int main(void) {printf("\t\t\b\b\b\b\b\b");
printf("\t\t\b\b\b\b\b\b");return 0;}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ