| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <878stnwe4d.fsf@oldenburg2.str.redhat.com>
Date: Thu, 27 Jun 2019 11:50:58 +0200
From: Florian Weimer <fweimer@...hat.com>
To: linux-fsdevel@...r.kernel.org
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
linux-kernel@...r.kernel.org
Subject: [PATCH] fs: Fix internal type confusion in getdents system calls
The callback functions use a signed int type, but the callers have
only verified the value as an unsigned type. This should be only
a cosmetic change because if the value wraps around, this error
check catches it:
if (reclen > buf->count)
return -EINVAL;
But it should be clearer to prevent the wrap-around.
Signed-off-by: Florian Weimer <fweimer@...hat.com>
---
fs/readdir.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/readdir.c b/fs/readdir.c
index 2f6a4534e0df..d344061e387e 100644
--- a/fs/readdir.c
+++ b/fs/readdir.c
@@ -159,7 +159,7 @@ struct getdents_callback {
struct dir_context ctx;
struct linux_dirent __user * current_dir;
struct linux_dirent __user * previous;
- int count;
+ unsigned int count;
int error;
};
@@ -246,7 +246,7 @@ struct getdents_callback64 {
struct dir_context ctx;
struct linux_dirent64 __user * current_dir;
struct linux_dirent64 __user * previous;
- int count;
+ unsigned int count;
int error;
};
@@ -413,7 +413,7 @@ struct compat_getdents_callback {
struct dir_context ctx;
struct compat_linux_dirent __user *current_dir;
struct compat_linux_dirent __user *previous;
- int count;
+ unsigned int count;
int error;
};
--
2.21.0
Powered by blists - more mailing lists