lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 25 Feb 2020 13:40:45 -0800
From:   Christoph Hellwig <hch@...radead.org>
To:     Qian Cai <cai@....pw>
Cc:     darrick.wong@...cle.com, hch@...radead.org,
        linux-xfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] xfs: fix an undefined behaviour in _da3_path_shift

On Tue, Feb 25, 2020 at 02:53:08PM -0500, Qian Cai wrote:
> xfs_da3_path_shift() could see state->path.blk[-1] because
> state->path.active == 1 is a valid state when it tries to add an entry
> to a single dir leaf block and then to shift forward to see if
> there's a sibling block that would be a better place to put the new
> entry.

I think this needs a better explanation.  Something like:

In xfs_da3_path_shift() blk can be assigned to state->path.blk[-1] if
state->path.active is 1 (which is a valid state) when it tries to add an
entry > to a single dir leaf block and then to shift forward to see if
there's a sibling block that would be a better place to put the new
entry.  This causes a KASAN warning given negative array indices are
undefined behavior in C.  In practice the warning is entirely harmless
given that blk is never dereference in this case, but it is still better
to fix up the warning and slightly improve the code.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ