| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e015e927-283a-2685-07b5-11b28f12e4f9@kernel.org>
Date: Wed, 11 Jan 2023 17:13:17 +0800
From: Chao Yu <chao@...nel.org>
To: Alexey Dobriyan <adobriyan@...il.com>
Cc: akpm@...ux-foundation.org, viro@...iv.linux.org.uk,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH] proc: fix to check name length in proc_lookup_de()
On 2023/1/11 2:01, Alexey Dobriyan wrote:
> On Tue, Jan 10, 2023 at 11:21:12PM +0800, Chao Yu wrote:
>> __proc_create() has limited dirent's max name length with 255, let's
>> add this limitation in proc_lookup_de(), so that it can return
>> -ENAMETOOLONG correctly instead of -ENOENT when stating a file which
>> has out-of-range name length.
>
> Both returns are correct and this is trading one errno for another.
Oh, but it looks ENOENT is a little bit ambiguity, it may indicate file name
length is valid for procfs, but the entry is not exist.
This change is trying to make lookup logic keeping align w/ most other
filesystems' behavior. Also it can avoid running into unneeded lookup logic
in proc_lookup_de() for such ENAMETOOLONG case.
How do you think? :)
Thanks,
>
>> --- a/fs/proc/generic.c
>> +++ b/fs/proc/generic.c
>> @@ -246,6 +246,9 @@ struct dentry *proc_lookup_de(struct inode *dir, struct dentry *dentry,
>> {
>> struct inode *inode;
>>
>> + if (dentry->d_name.len > PROC_NAME_LEN)
>> + return ERR_PTR(-ENAMETOOLONG);
Powered by blists - more mailing lists