lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e8b8e13f-868e-07f7-1c0b-d1e9bbc2dcb3@gmail.com>
Date:   Fri, 21 Apr 2017 14:28:22 +0200
From:   "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>
To:     David Howells <dhowells@...hat.com>
Cc:     mtk.manpages@...il.com, lkml <linux-kernel@...r.kernel.org>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>, hch@...radead.org,
        Eric Biggers <ebiggers3@...il.com>,
        Linux API <linux-api@...r.kernel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>
Subject: Re: Unchecked flags in statx(2) [Should be fixed before 4.11-final?]

[Adding a few people to CC, and correcting myself on one piece] 

On 04/21/2017 02:14 PM, Michael Kerrisk (man-pages) wrote:
> Hello David,
> 
>  I was reading your statx(2) man page, and noticed this text:
> 
>        Do not simply set mask to UINT_MAX as one or more bits may, in the
>        future, be used to specify an extension to the buffer.
> 
> (Here' 'mask' is the fourth argument to statx())
> 
> What is going on here? Why is there  not a check in the code to
> give EINVAL if any flag other than those in STATX_ALL (0x00000fffU)
> is specified? (There is a check that gives EINVAL flags in 
> STATX__RESERVED (0x80000000U), but STATX_ALL != ~STATX__RESERVED.
> 
> Similarly, there appears to be no check for invalid flags in the
> 'flags' argument of statx(). Why is there also not such a check
> there?
>
> The failure to do these sorts of checks has been the source of grief 
> in the past with other system calls.

So, it looks like the checks are there for 'flags' (I missed that 
they were one level deeper in the call sequence), but my question 
re 'mask' still stands.

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ