lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 26 Jun 2007 11:03:09 +0100
From:	"Duane Griffin" <duaneg@...da.com>
To:	"Roman Zippel" <zippel@...ux-m68k.org>
Cc:	linux-kernel@...r.kernel.org, didier <did447@...il.com>,
	"Solra Bizna" <sbizna@...at.net>, "Daniel Drake" <dsd@...too.org>,
	"Andrew Morton" <akpm@...ux-foundation.org>
Subject: Re: [patch 1/2] HFS+: Refactor ASCII to unicode conversion routine for later reuse

On 25/06/07, Roman Zippel <zippel@...ux-m68k.org> wrote:
>
> I like the idea of this, but not that it generates larger code, so I
> reformatted it a little to get rid of the decomposed_uc struct which
> required an unnecessary data copy, so now the it even generates slightly
> smaller code. :)

Ah, nice one! Returning the pointer into the table is a much nicer way
of doing things.

> +               if (decompose && (dstr = decompose_unichar(c, &dsize))) {
> +                       if (outlen + dsize > HFSPLUS_MAX_STRLEN)
>                                 break;
>                         do {
> -                               ustr->unicode[outlen++] = cpu_to_be16(hfsplus_decompose_table[off++]);
> -                       } while (--size > 0);
> -                       continue;
> -               }
> -       done:
> -               ustr->unicode[outlen++] = cpu_to_be16(c);
> +                               ustr->unicode[outlen++] = cpu_to_be16(*dstr++);
> +                       } while (--dsize > 0);

Andrew's comments about the loop in the second patch apply here too, I
think. The original code did have a check for this condition, so I
guess it is a potential problem. How about this (on top of your
version of the patches):

Index: linux-2.6.21.5/fs/hfsplus/unicode.c
===================================================================
--- linux-2.6.21.5.orig/fs/hfsplus/unicode.c
+++ linux-2.6.21.5/fs/hfsplus/unicode.c
@@ -280,7 +280,9 @@ static inline u16 *decompose_unichar(wch
                return NULL;

        off = hfsplus_decompose_table[off + (uc & 0xf)];
-       *size = off & 3;
+       if ((*size = off & 3) == 0)
+               return NULL;
+
        return hfsplus_decompose_table + (off / 4);
 }

I'm using gmail to send this, so it will mess up the tabs I'm afraid :(

> bye, Roman

Cheers,
Duane.

-- 
"I never could learn to drink that blood and call it wine" - Bob Dylan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists