lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 27 Jul 2021 14:53:27 +0100
From:   Matthew Wilcox <willy@...radead.org>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, Jordy Zomer <jordy@...ing.systems>,
        "Ahmed S. Darwish" <a.darwish@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Eric Biggers <ebiggers@...gle.com>
Subject: Re: [PATCH v2] fs: make d_path-like functions all have unsigned size

On Tue, Jul 27, 2021 at 03:30:55PM +0200, Greg Kroah-Hartman wrote:
> On Tue, Jul 27, 2021 at 02:14:37PM +0100, Matthew Wilcox wrote:
> > On Tue, Jul 27, 2021 at 02:56:53PM +0200, Greg Kroah-Hartman wrote:
> > > And my mistake from earlier, size_t is the same as unsigned int, not
> > > unsigned long.
> > 
> > No.
> > 
> > include/linux/types.h:typedef __kernel_size_t           size_t;
> > 
> > include/uapi/asm-generic/posix_types.h:
> > 
> > #ifndef __kernel_size_t
> > #if __BITS_PER_LONG != 64
> > typedef unsigned int    __kernel_size_t;
> > #else
> > typedef __kernel_ulong_t __kernel_size_t;
> > #endif
> > #endif
> > 
> > size_t is an unsigned long on 64-bit, unless otherwise defined by the
> > arch.
> 
> ugh, ok, so there really is a problem, as we have a size_t value being
> passed in as an int, and then it could be treated as a negative value
> for some fun pointer math to copy buffers around.
> 
> How is this not causing problems now already?  Are we just getting
> lucky?

include/uapi/linux/limits.h:#define PATH_MAX        4096        /* # chars in a path name including nul */

Clearly some places aren't checking that, but _in principle_, you
aren't supposed to be able to create a pathname longer than that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ