| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <477BCC1F.5@redhat.com>
Date: Wed, 02 Jan 2008 11:38:39 -0600
From: Eric Sandeen <sandeen@...hat.com>
To: Roman Zippel <zippel@...ux-m68k.org>
CC: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: [PATCH] UPDATED2: hfs: handle more on-disk corruptions without oopsing
Roman, with this on top does it look better to you?
I'll get hfsplus done in a bit.
Thanks,
-Eric
-----------------
Fix up previous hfs fsfuzzer patch to address Roman's comments.
Signed-off-by: Eric Sandeen <sandeen@...hat.com>
---
diff -u linux-2.6.24-rc3/fs/hfs/brec.c linux-2.6.24-rc3/fs/hfs/brec.c
--- linux-2.6.24-rc3/fs/hfs/brec.c
+++ linux-2.6.24-rc3/fs/hfs/brec.c
@@ -49,14 +49,14 @@
if (retval > node->tree->max_key_len + 2) {
printk(KERN_ERR "hfs: keylen %d too large\n",
retval);
- retval = HFS_BAD_KEYLEN;
+ retval = 0;
}
} else {
retval = (hfs_bnode_read_u8(node, recoff) | 1) + 1;
if (retval > node->tree->max_key_len + 1) {
printk(KERN_ERR "hfs: keylen %d too large\n",
retval);
- retval = HFS_BAD_KEYLEN;
+ retval = 0;
}
}
}
diff -u linux-2.6.24-rc3/fs/hfs/bfind.c linux-2.6.24-rc3/fs/hfs/bfind.c
--- linux-2.6.24-rc3/fs/hfs/bfind.c
+++ linux-2.6.24-rc3/fs/hfs/bfind.c
@@ -52,7 +52,7 @@
rec = (e + b) / 2;
len = hfs_brec_lenoff(bnode, rec, &off);
keylen = hfs_brec_keylen(bnode, rec);
- if (keylen == HFS_BAD_KEYLEN) {
+ if (keylen == 0) {
res = -EINVAL;
goto fail;
}
@@ -71,7 +71,7 @@
if (rec != e && e >= 0) {
len = hfs_brec_lenoff(bnode, e, &off);
keylen = hfs_brec_keylen(bnode, e);
- if (keylen == HFS_BAD_KEYLEN) {
+ if (keylen == 0) {
res = -EINVAL;
goto fail;
}
@@ -207,7 +207,7 @@
len = hfs_brec_lenoff(bnode, fd->record, &off);
keylen = hfs_brec_keylen(bnode, fd->record);
- if (keylen == HFS_BAD_KEYLEN) {
+ if (keylen == 0) {
res = -EINVAL;
goto out;
}
diff -u linux-2.6.24-rc3/fs/hfs/hfs.h linux-2.6.24-rc3/fs/hfs/hfs.h
--- linux-2.6.24-rc3/fs/hfs/hfs.h
+++ linux-2.6.24-rc3/fs/hfs/hfs.h
@@ -28,8 +28,6 @@
#define HFS_MAX_NAMELEN 128
#define HFS_MAX_VALENCE 32767U
-#define HFS_BAD_KEYLEN 0xFF
-
/* Meanings of the drAtrb field of the MDB,
* Reference: _Inside Macintosh: Files_ p. 2-61
*/
diff -u linux-2.6.24-rc3/fs/hfs/btree.c linux-2.6.24-rc3/fs/hfs/btree.c
--- linux-2.6.24-rc3/fs/hfs/btree.c
+++ linux-2.6.24-rc3/fs/hfs/btree.c
@@ -81,15 +81,23 @@
goto fail_page;
if (!tree->node_count)
goto fail_page;
- if ((id == HFS_EXT_CNID) && (tree->max_key_len != HFS_MAX_EXT_KEYLEN)) {
- printk(KERN_ERR "hfs: invalid extent max_key_len %d\n",
- tree->max_key_len);
- goto fail_page;
- }
- if ((id == HFS_CAT_CNID) && (tree->max_key_len != HFS_MAX_CAT_KEYLEN)) {
- printk(KERN_ERR "hfs: invalid catalog max_key_len %d\n",
- tree->max_key_len);
- goto fail_page;
+ switch(id) {
+ case HFS_EXT_CNID:
+ if (tree->max_key_len != HFS_MAX_EXT_KEYLEN) {
+ printk(KERN_ERR "hfs: invalid extent max_key_len %d\n",
+ tree->max_key_len);
+ goto fail_page;
+ }
+ break;
+ case HFS_CAT_CNID:
+ if (tree->max_key_len != HFS_MAX_CAT_KEYLEN) {
+ printk(KERN_ERR "hfs: invalid catalog max_key_len %d\n",
+ tree->max_key_len);
+ goto fail_page;
+ }
+ break;
+ default:
+ BUG();
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists