lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 7 May 2007 21:59:15 +0200
From:	Roland Kuhn <rkuhn@....physik.tu-muenchen.de>
To:	OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
Cc:	Andrey Borzenkov <arvidjaar@...l.ru>, linux-kernel@...r.kernel.org
Subject: Re: Long file names in VFAT broken with iocharset=utf8

Hi!

On 7 May 2007, at 20:27, OGAWA Hirofumi wrote:

> Roland Kuhn <rkuhn@....physik.tu-muenchen.de> writes:
>> PATH_MAX specifically counts _bytes_ not characters, so UTF-8 does
>> not matter. ISTR that PATH_MAX was 256 at some point, but I just
>> quickly grepped /usr/include and found various mention of 4096, so
>> where's the central repository for this configuration item? A hard-
>> coded value of 256 somewhere inside the kernel smells like a bug.
>
> There is a nasty issue here. FAT is limited by 255 unicode chars or  
> so.
> So, we would need to count number of unicode chars of filename.
>
No, we don't. At least not when looking at the POSIX spec, which  
explicitly mentions _bytes_ and _not_ unicode characters. So, to be  
on the safe side, FAT filesystems would need to support a NAME_MAX of  
roughly 6*255+3=1533 bytes (not to mention the hassles of forbidden  
sequences, etc.; do we need to count zero-width characters?) and  
report it through pathconf() to userspace, then userspace could do  
with that whatever it liked.

What happened to: "file names are just sequences of octets, excluding  
'/' and NUL"? Adding unicode parsing to the kernel is completely  
useless _and_ a big trouble maker.

Ciao,
                     Roland

--
TU Muenchen, Physik-Department E18, James-Franck-Str., 85748 Garching
Telefon 089/289-12575; Telefax 089/289-12570
--
CERN office: 892-1-D23 phone: +41 22 7676540 mobile: +41 76 487 4482
--
Any society that would give up a little liberty to gain a little
security will deserve neither and lose both.  - Benjamin Franklin
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GS/CS/M/MU d-(++) s:+ a-> C+++ UL++++ P+++ L+++ E(+) W+ !N K- w--- M 
+ !V Y+
PGP++ t+(++) 5 R+ tv-- b+ DI++ e+++>++++ h---- y+++
------END GEEK CODE BLOCK------



Download attachment "smime.p7s" of type "application/pkcs7-signature" (4324 bytes)

Download attachment "PGP.sig" of type "application/pgp-signature" (187 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ