| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Apr 2009 22:01:45 +0100 From: Al Viro <viro@...IV.linux.org.uk> To: Dave Hansen <dave@...ux.vnet.ibm.com> Cc: linux-kernel <linux-kernel@...r.kernel.org>, Matthew Wilcox <matthew@....cx>, mdharm-usb@...-eyed-alien.net, linux-usb <linux-usb@...r.kernel.org>, usb-storage@...ts.one-eyed-alien.net, James Bottomley <James.Bottomley@...senPartnership.com>, linux-scsi <linux-scsi@...r.kernel.org> Subject: Re: [RFC][PATCH] fix sign extension with 1.5TB usb-storage LBD=y On Tue, Apr 21, 2009 at 01:52:54PM -0700, Dave Hansen wrote: > This is with current git as of this morning, which is at v2.6.30-rc2. > > I have a 1.5TB USB device which gets a bit angry when I plug it in. It > ends up with a scsi_disk->capacity of ffffffffaea87b30. I tracked it > down to the lba calculation in read_capacity_10(): > > lba = (buffer[0] << 24) | (buffer[1] << 16) | > (buffer[2] << 8) | buffer[3]; > > lba is getting all 0xf's in its high 32 bits. It seems odd that this > would happen since 'buffer' is an 'unsigned char', but that is > apparently what is going on. Nothing odd here; you get unsigned char promoted to int (since the entire range fits into the range of int), then calculations are carried within int and in the end you have (overflown into negative) int sign-extended into u64. Solution is correct, but perhaps use of get_unaligned_be32(buffer) would be better. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists