lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20220925121206.glqeuptele746qsp@pali>
Date:   Sun, 25 Sep 2022 14:12:06 +0200
From:   Pali Rohár <pali@...nel.org>
To:     Viacheslav Dubeyko <slava@...eyko.com>
Cc:     Linux FS Devel <linux-fsdevel@...r.kernel.org>,
        linux-ntfs-dev@...ts.sourceforge.net, linux-cifs@...r.kernel.org,
        jfs-discussion@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Jan Kara <jack@...e.cz>,
        OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>,
        "Theodore Y . Ts'o" <tytso@....edu>,
        Luis de Bethencourt <luisbg@...nel.org>,
        Salah Triki <salah.triki@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Dave Kleikamp <shaggy@...nel.org>,
        Anton Altaparmakov <anton@...era.com>,
        Pavel Machek <pavel@....cz>,
        Marek Behún <marek.behun@....cz>,
        Christoph Hellwig <hch@...radead.org>
Subject: Re: [RFC PATCH 13/20] hfsplus: Do not use broken utf8 NLS table for
 iocharset=utf8 mount option

Hello!

On Monday 09 August 2021 10:42:02 Viacheslav Dubeyko wrote:
> > On Aug 8, 2021, at 9:24 AM, Pali Rohár <pali@...nel.org> wrote:
> > 
> > NLS table for utf8 is broken and cannot be fixed.
> > 
> > So instead of broken utf8 nls functions char2uni() and uni2char() use
> > functions utf8_to_utf32() and utf32_to_utf8() which implements correct
> > encoding and decoding between Unicode code points and UTF-8 sequence.
> > 
> > Note that this fs driver does not support full Unicode range, specially
> > UTF-16 surrogate pairs are unsupported. This patch does not change this
> > limitation and support for UTF-16 surrogate pairs stay unimplemented.
> > 
> > When iochatset=utf8 is used then set sbi->nls to NULL and use it for
> > distinguish between the fact if NLS table or native UTF-8 functions should
> > be used.
> > 
> > Signed-off-by: Pali Rohár <pali@...nel.org>
> > ---
> > fs/hfsplus/dir.c            |  6 ++++--
> > fs/hfsplus/options.c        | 32 ++++++++++++++++++--------------
> > fs/hfsplus/super.c          |  7 +------
> > fs/hfsplus/unicode.c        | 31 ++++++++++++++++++++++++++++---
> > fs/hfsplus/xattr.c          | 14 +++++++++-----
> > fs/hfsplus/xattr_security.c |  3 ++-
> > 6 files changed, 62 insertions(+), 31 deletions(-)
> > 
> > diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c
> > index 84714bbccc12..2caf0cd82221 100644
> > --- a/fs/hfsplus/dir.c
> > +++ b/fs/hfsplus/dir.c
> > @@ -144,7 +144,8 @@ static int hfsplus_readdir(struct file *file, struct dir_context *ctx)
> > 	err = hfs_find_init(HFSPLUS_SB(sb)->cat_tree, &fd);
> > 	if (err)
> > 		return err;
> > -	strbuf = kmalloc(NLS_MAX_CHARSET_SIZE * HFSPLUS_MAX_STRLEN + 1, GFP_KERNEL);
> > +	strbuf = kmalloc((HFSPLUS_SB(sb)->nls ? NLS_MAX_CHARSET_SIZE : 4) *
> > +			HFSPLUS_MAX_STRLEN + 1, GFP_KERNEL);
> 
> Maybe, introduce some variable that will contain the length calculation?

Ok! I can introduce variable with calculated length into all places.

> > 	if (!strbuf) {
> > 		err = -ENOMEM;
> > 		goto out;
> > @@ -203,7 +204,8 @@ static int hfsplus_readdir(struct file *file, struct dir_context *ctx)
> > 		hfs_bnode_read(fd.bnode, &entry, fd.entryoffset,
> > 			fd.entrylength);
> > 		type = be16_to_cpu(entry.type);
> > -		len = NLS_MAX_CHARSET_SIZE * HFSPLUS_MAX_STRLEN;
> > +		len = (HFSPLUS_SB(sb)->nls ? NLS_MAX_CHARSET_SIZE : 4) *
> > +		      HFSPLUS_MAX_STRLEN;
> > 		err = hfsplus_uni2asc(sb, &fd.key->cat.name, strbuf, &len);
> > 		if (err)
> > 			goto out;
> > diff --git a/fs/hfsplus/options.c b/fs/hfsplus/options.c
> > index a975548f6b91..16c08cb5c4f8 100644
> > --- a/fs/hfsplus/options.c
> > +++ b/fs/hfsplus/options.c
> > @@ -104,6 +104,9 @@ int hfsplus_parse_options(char *input, struct hfsplus_sb_info *sbi)
> > 	char *p;
> > 	substring_t args[MAX_OPT_ARGS];
> > 	int tmp, token;
> > +	int have_iocharset;
> > +
> > +	have_iocharset = 0;
> 
> What’s about boolean type and to use true/false?

Ok. I can change type to "bool" and use "true"/"false" values.

> > 
> > 	if (!input)
> > 		goto done;
> > @@ -171,20 +174,24 @@ int hfsplus_parse_options(char *input, struct hfsplus_sb_info *sbi)
> > 			pr_warn("option nls= is deprecated, use iocharset=\n");
> > 			/* fallthrough */
> > 		case opt_iocharset:
> > -			if (sbi->nls) {
> > +			if (have_iocharset) {
> > 				pr_err("unable to change nls mapping\n");
> > 				return 0;
> > 			}
> > 			p = match_strdup(&args[0]);
> > -			if (p)
> > -				sbi->nls = load_nls(p);
> > -			if (!sbi->nls) {
> > -				pr_err("unable to load nls mapping \"%s\"\n",
> > -				       p);
> > -				kfree(p);
> > +			if (!p)
> > 				return 0;
> > +			if (strcmp(p, "utf8") != 0) {
> > +				sbi->nls = load_nls(p);
> > +				if (!sbi->nls) {
> > +					pr_err("unable to load nls mapping "
> > +						"\"%s\"\n", p);
> > +					kfree(p);
> > +					return 0;
> > +				}
> > 			}
> > 			kfree(p);
> > +			have_iocharset = 1;
> 
> Ditto. What’s about true here?
> 
> > 			break;
> > 		case opt_decompose:
> > 			clear_bit(HFSPLUS_SB_NODECOMPOSE, &sbi->flags);
...
> > @@ -256,7 +266,22 @@ int hfsplus_uni2asc(struct super_block *sb,
> > static inline int asc2unichar(struct super_block *sb, const char *astr, int len,
> > 			      wchar_t *uc)
> > {
> > -	int size = HFSPLUS_SB(sb)->nls->char2uni(astr, len, uc);
> > +	struct nls_table *nls = HFSPLUS_SB(sb)->nls;
> > +	unicode_t u;
> > +	int size;
> > +
> > +	if (nls)
> > +		size = nls->char2uni(astr, len, uc);
> > +	else {
> > +		size = utf8_to_utf32(astr, len, &u);
> > +		if (size >= 0) {
> > +			/* TODO: Add support for UTF-16 surrogate pairs */
> 
> Have you forgot to delete this string? Or do you plan to implement this?

No. I have not forgot. In current version there is missing support for
UTF-16 surrogate pairs and this my patch still does not implement it.

So this is kind a issue / bug in the driver and at least it should be
documented. So reader of this code would know it and maybe somebody in
future will implement it.

> > +			if (u <= MAX_WCHAR_T)
> > +				*uc = u;
> > +			else
> > +				size = -EINVAL;
> > +		}
> > +	}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ