lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Jan 2010 09:15:27 +0900 From: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com> To: OGAWA Hirofumi <hirofumi@...l.parknet.co.jp> Cc: Wu Fengguang <fengguang.wu@...el.com>, Andrew Morton <akpm@...ux-foundation.org>, Al Viro <viro@...iv.linux.org.uk>, Heiko Carstens <heiko.carstens@...ibm.com>, Christoph Hellwig <hch@...radead.org>, LKML <linux-kernel@...r.kernel.org>, Eric Paris <eparis@...hat.com>, Nick Piggin <npiggin@...e.de>, Andi Kleen <andi@...stfloor.org>, David Howells <dhowells@...hat.com>, Jonathan Corbet <corbet@....net>, <linux-fsdevel@...r.kernel.org> Subject: Re: [PATCH 6/6] vfs: introduce FMODE_NEG_OFFSET for allowing negative f_pos On Sat, 16 Jan 2010 21:54:39 +0900 OGAWA Hirofumi <hirofumi@...l.parknet.co.jp> wrote: > Wu Fengguang <fengguang.wu@...el.com> writes: > > > +static int > > +__negative_fpos_check(struct file *file, loff_t pos, size_t count) > > +{ > > + /* > > + * pos or pos+count is negative here, check overflow. > > + * too big "count" will be caught in rw_verify_area(). > > + */ > > + if ((pos < 0) && (pos + count < pos)) > > + return -EOVERFLOW; > > + if (file->f_mode & FMODE_NEG_OFFSET) > > + return 0; > > + return -EINVAL; > > +} > > + > > /* > > * rw_verify_area doesn't like huge counts. We limit > > * them to something that fits in "int" so that others > > @@ -222,8 +236,11 @@ int rw_verify_area(int read_write, struc > > if (unlikely((ssize_t) count < 0)) > > return retval; > > pos = *ppos; > > - if (unlikely((pos < 0) || (loff_t) (pos + count) < 0)) > > - return retval; > > + if (unlikely((pos < 0) || (loff_t) (pos + count) < 0)) { > > + retval = __negative_fpos_check(file, pos, count); > > + if (retval) > > + return retval; > > + } > > > > if (unlikely(inode->i_flock && mandatory_lock(inode))) { > > retval = locks_mandatory_area( > > Um... How do lseek() work? It sounds like to violate error code range. This is for read-write. As far as I know, - generic_file_llseek, - default_llseek - no_llseek doesn't call this function. Thanks, -Kame -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists