lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 26 Aug 2020 11:56:22 +0900
From:   Tetsuhiro Kohada <>
To:     Namjae Jeon <>
        'Sungjong Seo' <>,,
Subject: Re: [PATCH v3] exfat: integrates dir-entry getting and validation

On 2020/08/26 10:03, Namjae Jeon wrote:
>> Second: Range validation and type validation should not be separated.
>> When I started making this patch, I intended to add only range validation.
>> However, after the caller gets the ep, the type validation follows.
>> Get ep, null check of ep (= range verification), type verification is a series of procedures.
>> There would be no reason to keep them independent anymore.
>> Range and type validation is enforced when the caller uses ep.
> You can add a validate flags as argument of exfat_get_dentry_set(), e.g. none, basic and strict.
> none : only range validation.
> basic : range + type validation.
> strict : range + type + checksum and name length, etc.

Currently, various types of verification will not be needed.
Let's add it when we need it.
>>> -	/* validiate cached dentries */
>>> -	for (i = 1; i < num_entries; i++) {
>>> -		ep = exfat_get_dentry_cached(es, i);
>>> -		if (!exfat_validate_entry(exfat_get_entry_type(ep), &mode))
>>> +	ep = exfat_get_dentry_cached(es, ENTRY_STREAM);
>>> +	if (!ep || ep->type != EXFAT_STREAM)
>>> +		goto free_es;
>>> +	es->de[ENTRY_STREAM] = ep;
>> The value contained in stream-ext dir-entry should not be used before validating the EntrySet checksum.
>> So I would insert EntrySet checksum validation here.
>> In that case, the checksum verification loop would be followed by the TYPE_NAME verification loop, can
>> you acceptable?
> Yes. That would be great.

I'll add TYPE_NAME verification after checksum verification, in next patch.
However, I think it is enough to validate TYPE_NAME when extracting name.
Could you please tell me why you think you need TYPE_NAME validation here?

Tetsuhiro Kohada <>

Powered by blists - more mailing lists