| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jul 2018 06:08:54 -0700
From: Matthew Wilcox <willy@...radead.org>
To: Dominique Martinet <asmadeus@...ewreck.org>
Cc: v9fs-developer@...ts.sourceforge.net,
Latchesar Ionkov <lucho@...kov.net>,
Eric Van Hensbergen <ericvh@...il.com>,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Ron Minnich <rminnich@...dia.gov>
Subject: Re: [V9fs-developer] [PATCH 2/6] 9p: Replace the fidlist with an IDR
On Wed, Jul 11, 2018 at 02:58:12PM +0200, Dominique Martinet wrote:
> > I don't understand your assertion that this is a change of behaviour.
> > The implementation of p9_idpool_get() uses idr_alloc(), not
> > idr_alloc_cyclic(), so I don't believe I've changed which FID would
> > be allocated.
>
> Hmm, I just tried mounting something with ganesha and that broke because
> it received fid=1730858632 in a TATTACH request, so something in the
> patch series made some big fid happens.
>
> If you say this isn't intented though this needs debugging, I'm glad I
> brought this up :P
>
> (Note that it really should be fine if it is random within the pool, I
> have notified the current developpers of the problem)
Heh, unintended protocol fuzzing ;-)
I see the problem; need to initialise fid->fid to 0 before calling
idr_alloc_u32. I'd misread:
memset(&fid->qid, 0, sizeof(struct p9_qid));
as
memset(fid, 0, sizeof(struct p9_fid));
so I thought fid->fid was already 0. I'll fix that up, thanks!
Powered by blists - more mailing lists