lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 19 Jan 2021 06:03:06 +0200
From:   Kari Argillander <kari.argillander@...il.com>
To:     Konstantin Komarov <almaz.alexandrovich@...agon-software.com>
Cc:     linux-fsdevel@...r.kernel.org, viro@...iv.linux.org.uk,
        linux-kernel@...r.kernel.org, pali@...nel.org, dsterba@...e.cz,
        aaptel@...e.com, willy@...radead.org, rdunlap@...radead.org,
        joe@...ches.com, mark@...mstone.com, nborisov@...e.com,
        linux-ntfs-dev@...ts.sourceforge.net, anton@...era.com,
        dan.carpenter@...cle.com, hch@....de, ebiggers@...nel.org,
        andy.lavr@...il.com
Subject: Re: [PATCH v17 02/10] fs/ntfs3: Add initialization of super block

On Thu, Dec 31, 2020 at 06:23:53PM +0300, Konstantin Komarov wrote:
> diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c

> +void fnd_clear(struct ntfs_fnd *fnd)
> +{
> +	int i;
> +
> +	for (i = 0; i < fnd->level; i++) {
> +		struct indx_node *n = fnd->nodes[i];
> +
> +		if (!n)
> +			continue;
> +
> +		put_indx_node(n);
> +		fnd->nodes[i] = NULL;
> +	}
> +	fnd->level = 0;
> +	fnd->root_de = NULL;
> +}
> +
> +static int fnd_push(struct ntfs_fnd *fnd, struct indx_node *n,
> +		    struct NTFS_DE *e)
> +{
> +	int i;
> +
> +	i = fnd->level;
> +	if (i < 0 || i >= ARRAY_SIZE(fnd->nodes))
> +		return -EINVAL;
> +	fnd->nodes[i] = n;
> +	fnd->de[i] = e;
> +	fnd->level += 1;
> +	return 0;
> +}
> +
> +static struct indx_node *fnd_pop(struct ntfs_fnd *fnd)
> +{
> +	struct indx_node *n;
> +	int i = fnd->level;
> +
> +	i -= 1;
> +	n = fnd->nodes[i];
> +	fnd->nodes[i] = NULL;
> +	fnd->level = i;
> +
> +	return n;
> +}
> +
> +static bool fnd_is_empty(struct ntfs_fnd *fnd)
> +{
> +	if (!fnd->level)
> +		return !fnd->root_de;
> +
> +	return !fnd->de[fnd->level - 1];
> +}
> +
> +struct ntfs_fnd *fnd_get(struct ntfs_index *indx)
> +{
> +	struct ntfs_fnd *fnd = ntfs_alloc(sizeof(struct ntfs_fnd), 1);
> +
> +	if (!fnd)
> +		return NULL;
> +
> +	return fnd;
> +}

This should be initilized. What about that indx. Is that neccasarry?
Also no need to check NULL because if it is NULL we can just return it. 

> +
> +void fnd_put(struct ntfs_fnd *fnd)
> +{
> +	if (!fnd)
> +		return;
> +	fnd_clear(fnd);
> +	ntfs_free(fnd);
> +}

> +/*
> + * indx_insert_entry
> + *
> + * inserts new entry into index
> + */
> +int indx_insert_entry(struct ntfs_index *indx, struct ntfs_inode *ni,
> +		      const struct NTFS_DE *new_de, const void *ctx,
> +		      struct ntfs_fnd *fnd)
> +{
> +	int err;
> +	int diff;
> +	struct NTFS_DE *e;
> +	struct ntfs_fnd *fnd_a = NULL;
> +	struct INDEX_ROOT *root;
> +
> +	if (!fnd) {
> +		fnd_a = fnd_get(indx);

Here we get uninitilized fnd.

> +		if (!fnd_a) {
> +			err = -ENOMEM;
> +			goto out1;
> +		}
> +		fnd = fnd_a;
> +	}
> +
> +	root = indx_get_root(indx, ni, NULL, NULL);
> +	if (!root) {
> +		err = -EINVAL;
> +		goto out;
> +	}
> +
> +	if (fnd_is_empty(fnd)) {

And example here we try to touch it.

> +		/* Find the spot the tree where we want to insert the new entry. */
> +		err = indx_find(indx, ni, root, new_de + 1,
> +				le16_to_cpu(new_de->key_size), ctx, &diff, &e,
> +				fnd);
> +		if (err)
> +			goto out;
> +
> +		if (!diff) {
> +			err = -EEXIST;
> +			goto out;
> +		}
> +	}
> +
> +	if (!fnd->level) {
> +		/* The root is also a leaf, so we'll insert the new entry into it. */
> +		err = indx_insert_into_root(indx, ni, new_de, fnd->root_de, ctx,
> +					    fnd);
> +		if (err)
> +			goto out;
> +	} else {
> +		/* found a leaf buffer, so we'll insert the new entry into it.*/
> +		err = indx_insert_into_buffer(indx, ni, root, new_de, ctx,
> +					      fnd->level - 1, fnd);
> +		if (err)
> +			goto out;
> +	}
> +
> +out:
> +	fnd_put(fnd_a);
> +out1:
> +	return err;
> +}

Powered by blists - more mailing lists