| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190204135403.ttitgfy22cp7h2lh@fsr-ub1664-175>
Date: Mon, 4 Feb 2019 13:54:04 +0000
From: Abel Vesa <abel.vesa@....com>
To: David Howells <dhowells@...hat.com>
CC: "viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
dl-linux-imx <linux-imx@....com>
Subject: PROBLEM: fs: hugetlbfs: boot failure due to specs sentinel missing on
linux-next
Hi David,
I found this this morning trying to boot up i.MX8MQ platform.
It's totally unrelated though.
Your commit:
2284cf59cbcec "hugetlbfs: Convert to fs_context"
doesn't put a sentinel at the end of hugetlb_param_specs.
Then, the your commit:
f512b838c1048 "vfs: Add configuration parser helpers"
adds the fs_validate_description where you check for sentinel
but since the hugetlb_param_specs doesn't have it it freezes
inside the following printf:
+ /* Check that the type is in range */
+ if (t == __fs_param_wasnt_defined ||
+ t >= nr__fs_parameter_type) {
+ pr_err("VALIDATE %s: PARAM[%s] Bad type %u\n",
+ name, param->name, t);
+ good = false;
+ } else if (t == fs_param_is_enum) {
+ enums = true;
+ }
IMHO, what happens here is the missing sentinel allows your checking
here to go out of bounds and then the param->name is whatever garbage
happens to be at the end of that array and that makes the printf to
freeze.
This isn't something I looked at really close, so I might be wrong.
I wasn't able to find the mail with the patch to reply to that
so I had to write this as a separate mail.
Powered by blists - more mailing lists