lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200121203405.7g7gisb3q55u2y2f@pali>
Date:   Tue, 21 Jan 2020 21:34:05 +0100
From:   Pali Rohár <pali.rohar@...il.com>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>,
        linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        "Theodore Y. Ts'o" <tytso@....edu>,
        Namjae Jeon <linkinjeon@...il.com>,
        Gabriel Krisman Bertazi <krisman@...labora.com>
Subject: Re: vfat: Broken case-insensitive support for UTF-8

On Tuesday 21 January 2020 00:07:01 Al Viro wrote:
> On Tue, Jan 21, 2020 at 12:57:45AM +0100, Pali Rohár wrote:
> > On Monday 20 January 2020 22:46:25 Al Viro wrote:
> > > On Mon, Jan 20, 2020 at 10:40:46PM +0100, Pali Rohár wrote:
> > > 
> > > > Ok, I did some research. It took me it longer as I thought as lot of
> > > > stuff is undocumented and hard to find all relevant information.
> > > > 
> > > > So... fastfat.sys is using ntos function RtlUpcaseUnicodeString() which
> > > > takes UTF-16 string and returns upper case UTF-16 string. There is no
> > > > mapping table in fastfat.sys driver itself.
> > > 
> > > Er...  Surely it's OK to just tabulate that function on 65536 values
> > > and see how could that be packed into something more compact?
> > 
> > It is OK, but too complicated. That function is in nt kernel. So you
> > need to build a new kernel module and also decide where to put output of
> > that function. It is a long time since I did some nt kernel hacking and
> > nowadays you need to download 10GB+ of Visual Studio code, then addons
> > for building kernel modules, figure out how to write and compile simple
> > kernel module via Visual Studio, write ini install file, try to load it
> > and then you even fail as recent Windows kernels refuse to load kernel
> > modules which are not signed...
> 
> Wait a sec...  From NT userland, on a mounted VFAT:
> 	for all s in single-codepoint strings
> 		open s for append
> 		if failed
> 			print s on stderr, along with error value
> 		write s to the opened file, adding to its tail
> 		close the file
> the for each equivalence class you'll get a single file, with all
> members of that class written to it.  In addition you'll get the
> list of prohibited codepoints.
> 
> Why bother with any kind of kernel modules?  IDGI...

This is a great idea to get FAT equivalence classes. Thank you!

Now I quickly tried it... and it failed. FAT has restriction for number
of files in a directory, so I would have to do it in more clever way,
e.g prepare N directories and then try to create/open file for each
single-point string in every directory until it success or fail in every
one.

-- 
Pali Rohár
pali.rohar@...il.com

Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ