lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CA+icZUVx8=6H4MrzPKWLc-xsFveuB-9JtzfnH=VpnwWg7mPjtQ@mail.gmail.com>
Date:   Wed, 16 Sep 2020 09:20:29 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Hans de Goede <hdegoede@...hat.com>
Cc:     Colin King <colin.king@...onical.com>,
        Christoph Hellwig <hch@...radead.org>,
        Al Viro <viro@...iv.linux.org.uk>,
        linux-fsdevel@...r.kernel.org, kernel-janitors@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] vboxsf: fix comparison of signed char constant with
 unsigned char array elements

On Wed, Sep 16, 2020 at 8:16 AM Hans de Goede <hdegoede@...hat.com> wrote:
>
> Hi,
>
> On 9/15/20 6:03 PM, Colin King wrote:
> > From: Colin Ian King <colin.king@...onical.com>
> >
> > The comparison of signed char constants with unsigned char array
> > elements leads to checks that are always false. Fix this by declaring
> > the VBSF_MOUNT_SIGNATURE_BYTE* macros as octal unsigned int constants
> > rather than as signed char constants. (Argueably the U is not necessarily
> > required, but add it to be really clear of intent).
> >
> > Addresses-Coverity: ("Operands don't affect result")
> > Fixes: 0fd169576648 ("fs: Add VirtualBox guest shared folder (vboxsf) support")
> > Signed-off-by: Colin Ian King <colin.king@...onical.com>
>
> A fix for this has already been queued up:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git/log/?h=fixes
>
> Explicit nack for this one, since it will still apply, but combined
> with the other fix, it will re-break things.
>

Hans, your patch is from 2020-08-25 and in a "fixes" Git branch of vfs
- why wasn't it applied to Linux 5.9?

- Sedat -

> Regards,
>
> Hans
>
>
>
> > ---
> >   fs/vboxsf/super.c | 8 ++++----
> >   1 file changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/fs/vboxsf/super.c b/fs/vboxsf/super.c
> > index 25aade344192..986efcb29cc2 100644
> > --- a/fs/vboxsf/super.c
> > +++ b/fs/vboxsf/super.c
> > @@ -21,10 +21,10 @@
> >
> >   #define VBOXSF_SUPER_MAGIC 0x786f4256 /* 'VBox' little endian */
> >
> > -#define VBSF_MOUNT_SIGNATURE_BYTE_0 ('\000')
> > -#define VBSF_MOUNT_SIGNATURE_BYTE_1 ('\377')
> > -#define VBSF_MOUNT_SIGNATURE_BYTE_2 ('\376')
> > -#define VBSF_MOUNT_SIGNATURE_BYTE_3 ('\375')
> > +#define VBSF_MOUNT_SIGNATURE_BYTE_0 0000U
> > +#define VBSF_MOUNT_SIGNATURE_BYTE_1 0377U
> > +#define VBSF_MOUNT_SIGNATURE_BYTE_2 0376U
> > +#define VBSF_MOUNT_SIGNATURE_BYTE_3 0375U
> >
> >   static int follow_symlinks;
> >   module_param(follow_symlinks, int, 0444);
> >
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ