| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Feb 2019 17:04:02 +0800
From: Gao Xiang <gaoxiang25@...wei.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
CC: Chao Yu <yuchao0@...wei.com>, Al Viro <viro@...IV.linux.org.uk>,
"Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
<devel@...verdev.osuosl.org>, <linux-erofs@...ts.ozlabs.org>,
Chao Yu <chao@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
<stable@...r.kernel.org>, <weidu.du@...wei.com>,
Fang Wei <fangwei1@...wei.com>, Miao Xie <miaoxie@...wei.com>
Subject: Re: [PATCH v2] staging: erofs: keep corrupted fs from crashing kernel
in erofs_namei()
Hi Dan,
On 2019/2/15 15:57, Dan Carpenter wrote:
> On Fri, Feb 15, 2019 at 03:02:25PM +0800, Chao Yu wrote:
>> On 2019/2/1 20:16, Gao Xiang wrote:
>>> + /*
>>> + * on-disk error, let's only BUG_ON in the debugging mode.
>>> + * otherwise, it will return 1 to just skip the invalid name
>>> + * and go on (in consideration of the lookup performance).
>>> + */
>>> + DBG_BUGON(qd->name > qd->end);
>>
>> qd->name == qd->end is not allowed as well?
>>
>> So will it be better to return directly here?
>>
>> if (unlikely(qd->name >= qd->end)) {
>> DBG_BUGON(1);
>> return 1;
>> }
>
> Please don't add likely/unlikely() annotations unless you have
> benchmarked it and it makes a difference.
I tend not to add this branch above since the current logic can handle
qd->name >= qd->end (it only happens in corrupted images) and
it will return 1;
Let's just leave DBG_BUGON(qd->name > qd->end); here for debugging use
(to detect corrupted image in some degree earlier).
Thanks,
Gao Xiang
>
> regards,
> dan carpenter
>
>
Powered by blists - more mailing lists