lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150511170251.4fb69e52@notabene.brown>
Date:	Mon, 11 May 2015 17:02:51 +1000
From:	NeilBrown <neilb@...e.de>
To:	Ryusuke Konishi <konishi.ryusuke@....ntt.co.jp>
Cc:	Josef Bacik <jbacik@...com>, Chris Mason <clm@...com>,
	Jan Kara <jack@...e.cz>, David Sterba <dsterba@...e.cz>,
	linux-fsdevel@...r.kernel.org, linux-nfs@...r.kernel.org,
	linux-nilfs@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-btrfs@...r.kernel.org
Subject: Re: [PATCH 2/3] NILFS2: support NFSv2 export

On Mon, 11 May 2015 01:31:43 +0900 (JST) Ryusuke Konishi
<konishi.ryusuke@....ntt.co.jp> wrote:

> On Fri, 08 May 2015 10:16:23 +1000, NeilBrown <neilb@...e.de> wrote:
> > The "fh_len" passed to ->fh_to_* is not guaranteed to be that same as
> > that returned by encode_fh - it may be larger.
> > 
> > With NFSv2, the filehandle is fixed length, so it may appear longer
> > than expected and be zero-padded.
> > 
> > So we must test that fh_len is at least some value, not exactly equal
> > to it.
> > 
> > Signed-off-by: NeilBrown <neilb@...e.de>
> > ---
> >  fs/nilfs2/namei.c |    6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> > 
> > diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c
> > index 22180836ec22..b65fb79d16fd 100644
> > --- a/fs/nilfs2/namei.c
> > +++ b/fs/nilfs2/namei.c
> > @@ -496,8 +496,8 @@ static struct dentry *nilfs_fh_to_dentry(struct super_block *sb, struct fid *fh,
> >  {
> >  	struct nilfs_fid *fid = (struct nilfs_fid *)fh;
> >  
> > -	if ((fh_len != NILFS_FID_SIZE_NON_CONNECTABLE &&
> > -	     fh_len != NILFS_FID_SIZE_CONNECTABLE) ||
> 
> > +	if ((fh_len < NILFS_FID_SIZE_NON_CONNECTABLE &&
> > +	     fh_len < NILFS_FID_SIZE_CONNECTABLE) ||
> >  	    (fh_type != FILEID_NILFS_WITH_PARENT &&
> >  	     fh_type != FILEID_NILFS_WITHOUT_PARENT))
> >  		return NULL;
> 
> A bit weird.  "fh_len < NILFS_FID_SIZE_CONNECTABLE" implies "fh_len <
> NILFS_FID_SIZE_NON_CONNECTABLE".
> 
> How about the following fix ?
> 
> 	if ((fh_type != FILEID_NILFS_WITH_PARENT ||
> 	     fh_len < NILFS_FID_SIZE_CONNECTABLE) &&
> 	    (fh_type != FILEID_NILFS_WITHOUT_PARENT ||
> 	     fh_len < NILFS_FID_SIZE_NON_CONNECTABLE))
> 		return NULL;
> 

Yes, weird.  The code only uses the early parts of the filehandle, so we
only need to complain if the fh_len is less than FILEID_NILFS_WITHOUT_PARENT.

So I'd prefer:

@@ -496,8 +496,7 @@ static struct dentry *nilfs_fh_to_dentry(struct super_block *sb, struct fid *fh,
 {
        struct nilfs_fid *fid = (struct nilfs_fid *)fh;
 
-       if ((fh_len != NILFS_FID_SIZE_NON_CONNECTABLE &&
-            fh_len != NILFS_FID_SIZE_CONNECTABLE) ||
+       if (fh_len < NILFS_FID_SIZE_NON_CONNECTABLE ||
            (fh_type != FILEID_NILFS_WITH_PARENT &&
             fh_type != FILEID_NILFS_WITHOUT_PARENT))
                return NULL;


Would you be OK with that?  If so I'll resend.

Thanks,
NeilBrown

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ