lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8D7EFCEB-4AE6-4963-B66F-4A8EEA5EA42A@redhat.com>
Date:   Wed, 11 Sep 2019 13:40:54 -0400
From:   "Benjamin Coddington" <bcodding@...hat.com>
To:     "Chuck Lever" <chuck.lever@...cle.com>
Cc:     "Jason L Tibbitts III" <tibbs@...h.uh.edu>,
        "Bruce Fields" <bfields@...ldses.org>,
        "Wolfgang Walter" <linux@...m.de>,
        "Linux NFS Mailing List" <linux-nfs@...r.kernel.org>,
        km@...all.com, linux-kernel@...r.kernel.org
Subject: Re: Regression in 5.1.20: Reading long directory fails

On 11 Sep 2019, at 13:29, Chuck Lever wrote:

>> On Sep 11, 2019, at 1:26 PM, Benjamin Coddington 
>> <bcodding@...hat.com> wrote:
>>
>>
>> On 11 Sep 2019, at 12:39, Chuck Lever wrote:
>>
>>>> On Sep 11, 2019, at 12:25 PM, Benjamin Coddington 
>>>> <bcodding@...hat.com> wrote:
>>>>
>>
>>>> Instead, I think we want to make sure the mic falls squarely into 
>>>> the tail
>>>> every time.
>>>
>>> I'm not clear how you could do that. The length of the page data is 
>>> not
>>> known to the client before it parses the reply. Are you suggesting 
>>> that
>>> gss_unwrap should do it somehow?
>>
>> Is it too niave to always put the mic at the end of the tail?
>
> The size of the page content is variable.
>
> The only way the MIC will fall into the tail is if the page content is
> exactly the largest expected size. When the page content is smaller 
> than
> that, the receive logic will place part or all of the MIC in ->pages.

Ok, right.  But what I meant is that xdr_buf_read_netobj() should be 
renamed
and repurposed to be "move the mic from wherever it is to the end of
xdr_buf's tail".

But now I see what you mean, and I also see that it is already trying to 
do
that.. and we don't want to overlap the copy..

So, really, we need the tail to be larger than twice the mic.. less 1.  
That
means the fix is probably just increasing rslack for krb5i.

Ben

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ