lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 17 Mar 2012 13:29:08 +0100
From:	Sven Anderson <>
To:	Linus Torvalds <>
Cc:	Chris Mason <>,
	Al Viro <>,
	Linux Kernel Mailing List <>,
	linux-fsdevel <>
Subject: Faulty has_zero()? (was: .. anybody know of any filesystems that depend on the exact VFS 'namehash' implementation?)

Hi Linus,

Am 01.03.2012 um 23:42 schrieb Linus Torvalds:

> +/* Return the high bit set in the first byte that is a zero */
> +static inline unsigned long has_zero(unsigned long a)
> +{
> +	return ((a - ONEBYTES) & ~a) & HIGHBITS;
> +}

(I commented this on your google+ posting as well, but I'm not sure if you will notice it there.)

Out of curiosity I studied your code, and if I'm not mistaken your has_zero() function doesn't do what is expected. If there are leading 0x01 bytes in front of a NUL byte, they are also marked in the mask because of the borrow bit. You could argue, that there are no 0x01 bytes in path stings, and I agree (even with UTF-8). But you also use it for slash detection, and there you have the same effect with the '.' char, since '.' ^ '/' == 0x01. So if you have a directory name like "foobar.../" it will get handled the same as "foobar////".

Best regards


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists