lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <71B73328-C3E3-4472-986F-644A19209F65@gmx.com>
Date:   Thu, 3 May 2018 14:14:55 +0800
From:   "cgxu519@....com" <cgxu519@....com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     "cgxu519@....com" <cgxu519@....com>, ericvh@...il.com,
        rminnich@...dia.gov, lucho@...kov.net,
        v9fs-developer@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: Re: [V9fs-developer] [PATCH v2 1/2] net/9p: detecting invalid options
 as much as possible

Thanks for your review, I’ll fix the issue in v3.


> 在 2018年5月3日,上午6:32,Andrew Morton <akpm@...ux-foundation.org> 写道:
> 
> On Tue, 17 Apr 2018 14:45:01 +0800 Chengguang Xu <cgxu519@....com> wrote:
> 
>> Currently when detecting invalid options in option parsing,
>> some options(e.g. msize) just set errno and allow to continuously
>> validate other options so that it can detect invalid options
>> as much as possible and give proper error messages together.
>> 
>> This patch applies same rule to option 'trans' and 'version'
>> when detecting EINVAL.
>> 
>> ...
> 
> A few issues:
> 
>> --- a/net/9p/client.c
>> +++ b/net/9p/client.c
>> @@ -199,7 +199,7 @@ static int parse_opts(char *opts, struct p9_client *clnt)
>> 					s);
>> 				ret = -EINVAL;
>> 				kfree(s);
>> -				goto free_and_return;
>> +				continue;
>> 			}
>> 			kfree(s);
>> 			break;
> 
> Here we can just do
> 
> --- a/net/9p/client.c~net-9p-detecting-invalid-options-as-much-as-possible-fix
> +++ a/net/9p/client.c
> @@ -198,8 +198,6 @@ static int parse_opts(char *opts, struct
> 				pr_info("Could not find request transport: %s\n",
> 					s);
> 				ret = -EINVAL;
> -				kfree(s);
> -				continue;
> 			}
> 			kfree(s);
> 			break;
> 
>> @@ -217,7 +217,7 @@ static int parse_opts(char *opts, struct p9_client *clnt)
>> 			ret = get_protocol_version(s);
> 
> And here's the patch introduces a bug: if `ret' has value -EINVAL from
> an earlier parsing error, this code will overwrite that error code with
> zero.
> 
> So you'll need to introduce a new temporary variable here.  And I
> suggest that for future-safety, we permit all error returns from
> get_protocol_version(), not just -EINVAL.  So something like:
> 
> --- a/net/9p/client.c~net-9p-detecting-invalid-options-as-much-as-possible-fix
> +++ a/net/9p/client.c
> @@ -214,13 +214,12 @@ static int parse_opts(char *opts, struct
> 					 "problem allocating copy of version arg\n");
> 				goto free_and_return;
> 			}
> -			ret = get_protocol_version(s);
> -			if (ret == -EINVAL) {
> -				kfree(s);
> -				continue;
> -			}
> +			pv = get_protocol_version(s);
> +			if (pv >= 0)
> +				clnt->proto_version = pv;
> +			else
> +				ret = pv;
> 			kfree(s);
> -			clnt->proto_version = ret;
> 			break;
> 		default:
> 			continue;
> _
> 
> 
> Similar changes can be made to patch 2/2.
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ