| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Yypm+GO6eMdV0QQ0@mit.edu>
Date: Tue, 20 Sep 2022 21:20:56 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: Ian Kent <raven@...maw.net>
Cc: Al Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Siddhesh Poyarekar <siddhesh@...plt.org>,
David Howells <dhowells@...hat.com>,
Miklos Szeredi <miklos@...redi.hu>,
Carlos Maiolino <cmaiolino@...hat.com>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [REPOST PATCH v3 0/2] vfs: fix a mount table handling problem
On Tue, Sep 20, 2022 at 03:26:17PM +0800, Ian Kent wrote:
> Whenever a mount has an empty "source" (aka mnt_fsname), the glibc
> function getmntent incorrectly parses its input, resulting in reporting
> incorrect data to the caller.
>
> The problem is that the get_mnt_entry() function in glibc's
> misc/mntent_r.c assumes that leading whitespace on a line can always
> be discarded because it will always be followed by a # for the case
> of a comment or a non-whitespace character that's part of the value
> of the first field. However, this assumption is violated when the
> value of the first field is an empty string.
>
> This is fixed in the mount API code by simply checking for a pointer
> that contains a NULL and treating it as a NULL pointer.
Why not simply have the mount API code disallow a zero-length "source"
/ mnt_fsname?
- Ted
Powered by blists - more mailing lists