lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1507816122-19405-1-git-send-email-steve@digidescorp.com>
Date:   Thu, 12 Oct 2017 08:48:39 -0500
From:   Steve Magnani <steve.magnani@...idescorp.com>
To:     Jan Kara <jack@...e.com>, linux-kernel@...r.kernel.org
Cc:     "Steven J . Magnani" <steve@...idescorp.com>
Subject: [PATCH v2 0/3] udf: Fix some signed/unsigned conversion issues

The UDF driver has several points at which conversion between unsigned and
signed types cause (or could cause) problems. On 64-bit systems,
conversion of block addresses larger than 0x7FFFFFFF (>= 1 TiB when
blocksize is 512 bytes) can involve undesired sign extension that corrupts
the block address value. This is known to cause the following problems:

* readdir() can fail on a directory containing File Identifiers residing
  above 0x7FFFFFFF. This manifests as a 'ls' command failing with EIO.

* FIBMAP on a file block located above 0x7FFFFFFF can return a negative
  value. The low 32 bits are correct, but applications that don't mask the
  high 32 bits of the result can perform incorrectly.

Additionally, large unsigned values can be printed as negative numbers,
for example:

  Partition (0 type 1511) starts at physical 460, block length -1779968542

Take care to use unsigned types to store UDF block addresses and to use
format specifiers that match the signedness of the values they are to
print.

Changes since V1:
* Separated printing fixes from sign extension fixes
* Implemented suggested udf_pblk_t typedef for representation of
  block addresses and use it in place of 'uint32_t' for changes in this
  patch series
* Converted some uint32_t block address variables in inode_getblk() to
  udf_pblk_t
* Fixed additional signed/unsigned type mismatches in:
  - udf_table_new_block()
  - udf_fileident_read()
  - udf_new_inode()
  - udf_split_extents()
  - udf_getblk()
  - udf_do_extend_file()
  - udf_bread()
  - udf_setsize()
  - udf_setup_indirect_aext()
  - udf_add_aext()
  - extent_trunc()

Signed-off-by: Steven J. Magnani <steve@...idescorp.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ