| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Aug 2007 09:59:34 -0500 From: Eric Sandeen <sandeen@...hat.com> To: Bodo Eggert <7eggert@....de> CC: linux-kernel Mailing List <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, security@...nel.org Subject: Re: [PATCH V3] limit minixfs printks on corrupted dir i_size, CVE-2006-6058 Bodo Eggert wrote: >> Ok, do you like this slightly better? It states the subsystem, the >> function with the error, the block nr. in the case of a too-large block, >> and the block device on which the error occurred. > > - how long is BDEVNAME_SIZE? Will it fit on the stack? #define BDEVNAME_SIZE 32 /* Largest string for a blockdev identifier */ ~60 other users in md, ext3, jbd, buffer.c, etc. place it on the stack... > - Does it include thespace for \0? bdevname calls disk_name which does snprintf(buf, BDEVNAME_SIZE, ...), so yes. -Eric > I asume you copied other users, and the other users will do it right (or > at least not terribly wrong:), but I can't dig the code right now. > >> Honestly minix.fsck >> doesn't handle the situation well either, so at this point I hesitate >> to recommend it in the print. :) > > *g* - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists