lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Feb 2014 14:16:19 +0400 From: Vyacheslav Dubeyko <slava@...eyko.com> To: sougata santra <sougata@...era.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, Joe Perches <joe@...ches.com>, Christoph Hellwig <hch@....de>, Al Viro <viro@...iv.linux.org.uk>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/1] hfsplus: fix longname handling On Tue, 2014-02-25 at 12:05 +0200, sougata santra wrote: > return err; > >> + > >> + len = be16_to_cpu(key->cat.name.length); > >> key->key_len = cpu_to_be16(6 + 2 * len); > > > > I think that maybe it is time to change hardcoded 6 on sensible named > > constant. What do you think? > > I agree, although I think this should he done in a separate patch. Also > there are other instances of hard-coding. We can clean them with a patch. ? > Yes, I think so too. It will be great. > > 62 > > 63 ustrlen = be16_to_cpu(name->length); > > > > I suppose that it makes sense to check name->length here and return > > error. We can check possible volume corruption here. > > I looked into it while writing the patch. I think this was already > handled before. Please see. catalog.c#hfsplus_find_cat the only place it > is called. > > {code} > if (be16_to_cpu(tmp.thread.nodeName.length) > 255) { > pr_err("catalog name length corrupted\n"); > return -EIO; > } > {code} > OK. I agree that my suggestion is not necessary. Thanks, Vyacheslav Dubeyko. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists