| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Mar 2009 21:46:50 +0100
From: Stefan Lippers-Hollmann <s.L-H@....de>
To: Phillip Lougher <phillip@...gher.demon.co.uk>
Cc: Phillip Lougher <phil.lougher@...il.com>,
Geert Uytterhoeven <Geert.Uytterhoeven@...ycom.com>,
Linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [GIT PULL] Squashfs fixes for 2.6.29?
Hi
On Mittwoch, 11. März 2009, Phillip Lougher wrote:
> Phillip Lougher wrote:
[...]
> The following patch fixes the problems you've experienced with your test
> filesystems (thanks for making them available), and also deals with the corrupted
> filesystems issue. It correctly works with all the corrupted filesystems sent
> earlier this year.
>
> The problem arises due to an unexpected corner-case with zlib which the
> corrupted filesystems patch didn't address. Very occasionally zlib exits
> needing a couple of extra bytes of input (1 and 2 bytes in the test filesystems),
> but with avail_out == 0 and no more output buffers available. This situation
> was incorrectly flagged as an error by the corrupted filesystems patch. I
> unfortunately didn't anticipate this scenario because it seems contrary to
> expectation that zlib will be still reading input having produced all the
> expected output. The fix is to not print an error if zlib wants more input
> bytes and there's more input bytes to be read.
I just got home and around to test it with 2.6.29-rc7-git4, no further
issues with large filesystems (copying + live usage) and it's working
reliably (after whitespace fixing), thank you a lot.
> Geert I can put a signed off line from you on the patch if you like (as you
> sent the original fix). I could add reported and tested lines from both of you?
> They seem to be being used more often and sound a good idea.
Feel free to add the tags as needed, thanks.
Reported-by: Stefan Lippers-Hollmann <s.L-H@....de>
Tested-by: Stefan Lippers-Hollmann <s.L-H@....de>
> Thanks
>
> Phillip
Regards
Stefan Lippers-Hollmann
--
> diff --git a/fs/squashfs/block.c b/fs/squashfs/block.c
> index 321728f..b85173f 100644
> --- a/fs/squashfs/block.c
> +++ b/fs/squashfs/block.c
> @@ -166,6 +166,22 @@ int squashfs_read_data(struct super_block *sb, void **buffer, u64 index,
>
> bytes = length;
> do {
> + if (msblk->stream.avail_out == 0) {
> + if (page < pages) {
> + msblk->stream.next_out = buffer[page++];
> + msblk->stream.avail_out =
> + PAGE_CACHE_SIZE;
> + } else if (msblk->stream.avail_in > 0
> + || bytes == 0) {
> + ERROR("zlib_inflate tried to "
> + "decompress too much data, "
> + "expected %d bytes. Zlib "
> + "data probably corrupt\n",
> + srclength);
> + goto release_mutex;
> + }
> + }
> +
> if (msblk->stream.avail_in == 0 && k < b) {
> avail = min(bytes, msblk->devblksize - offset);
> bytes -= avail;
> @@ -184,19 +200,6 @@ int squashfs_read_data(struct super_block *sb, void **buffer, u64 index,
> offset = 0;
> }
>
> - if (msblk->stream.avail_out == 0) {
> - if (page == pages) {
> - ERROR("zlib_inflate tried to "
> - "decompress too much data, "
> - "expected %d bytes. Zlib "
> - "data probably corrupt\n",
> - srclength);
> - goto release_mutex;
> - }
> - msblk->stream.next_out = buffer[page++];
> - msblk->stream.avail_out = PAGE_CACHE_SIZE;
> - }
> -
> if (!zlib_init) {
> zlib_err = zlib_inflateInit(&msblk->stream);
> if (zlib_err != Z_OK) {
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists