lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <55935B19.5080103@intel.com>
Date:	Wed, 01 Jul 2015 11:14:33 +0800
From:	Pan Xinhui <xinhuix.pan@...el.com>
To:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC:	Yury Norov <yury.norov@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Rasmus Villemoes <linux@...musvillemoes.dk>, tj@...nel.org,
	peterz@...radead.org, sudeep.holla@....com, mina86@...a86.com,
	"mnipxh@....com" <mnipxh@....com>,
	Alexey Klimov <klimov.linux@...il.com>,
	"yanmin_zhang@...ux.intel.com" <yanmin_zhang@...ux.intel.com>
Subject: [PATCH] lib/bitmap.c: fix some parsing issues and code style


In __bitmap_parselist we can accept whitespaces on head or tail
during every parsing procedure.
If input has valid ranges, there is no reason to reject the user.

fixes:
1) if input ends with ',', bit 0 might be set unexpectedly.
now we check if any digit is available after every loop.
2) if input has '0-', bit 0 might be set unexpectedly,
now we return -EINVAL as this kind of input is definitely wrong.
3) minor code style fix in __bitmap_parse.
and avoid in-loop incrementation of ndigits.

Signed-off-by: Pan Xinhui <xinhuix.pan@...el.com>
---
  lib/bitmap.c | 34 ++++++++++++++++++++++------------
  1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/lib/bitmap.c b/lib/bitmap.c
index 64c0926..3ae3ef1 100644
--- a/lib/bitmap.c
+++ b/lib/bitmap.c
@@ -367,7 +367,8 @@ int __bitmap_parse(const char *buf, unsigned int buflen,
  
  	nchunks = nbits = totaldigits = c = 0;
  	do {
-		chunk = ndigits = 0;
+		chunk = 0;
+		ndigits = totaldigits;
  
  		/* Get the next chunk of the bitmap */
  		while (buflen) {
@@ -406,9 +407,9 @@ int __bitmap_parse(const char *buf, unsigned int buflen,
  				return -EOVERFLOW;
  
  			chunk = (chunk << 4) | hex_to_bin(c);
-			ndigits++; totaldigits++;
+			totaldigits++;
  		}
-		if (ndigits == 0)
+		if (unlikely(ndigits == totaldigits))
  			return -EINVAL;
  		if (nchunks == 0 && chunk == 0)
  			continue;
@@ -504,7 +505,7 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen,
  		int nmaskbits)
  {
  	unsigned a, b;
-	int c, old_c, totaldigits;
+	int c, old_c, totaldigits, ndigits;
  	const char __user __force *ubuf = (const char __user __force *)buf;
  	int exp_digit, in_range;
  
@@ -514,6 +515,7 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen,
  		exp_digit = 1;
  		in_range = 0;
  		a = b = 0;
+		ndigits = totaldigits;
  
  		/* Get the next cpu# or a range of cpu#'s */
  		while (buflen) {
@@ -527,17 +529,20 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen,
  			if (isspace(c))
  				continue;
  
-			/*
-			 * If the last character was a space and the current
-			 * character isn't '\0', we've got embedded whitespace.
-			 * This is a no-no, so throw an error.
-			 */
-			if (totaldigits && c && isspace(old_c))
-				return -EINVAL;
-
  			/* A '\0' or a ',' signal the end of a cpu# or range */
  			if (c == '\0' || c == ',')
  				break;
+			/*
+			* whitespaces between digits are not allowed,
+			* but it's ok if whitespaces are on head or tail.
+			* when old_c is whilespace,
+			* if totaldigits == ndigits, whitespace is on head.
+			* if whitespace is on tail, it should not run here.
+			* as c was ',' or '\0',
+			* ans the last code line has broken the current loop.
+			*/
+			if ((totaldigits != ndigits) && isspace(old_c))
+				return -EINVAL;
  
  			if (c == '-') {
  				if (exp_digit || in_range)
@@ -557,6 +562,11 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen,
  			exp_digit = 0;
  			totaldigits++;
  		}
+		if (unlikely(ndigits == totaldigits))
+			continue;
+		/* if no digti is after '-', it's wrong*/
+		if (unlikely(exp_digit && in_range))
+			return -EINVAL;
  		if (!(a <= b))
  			return -EINVAL;
  		if (b >= nmaskbits)
-- 
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ