lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230424050158.GN3390869@ZenIV>
Date:   Mon, 24 Apr 2023 06:01:58 +0100
From:   Al Viro <viro@...iv.linux.org.uk>
To:     Hao Ge <gehao@...inos.cn>
Cc:     brauner@...nel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, gehao618@....com
Subject: Re: [PATCH V2] fs: fix undefined behavior in bit shift for SB_NOUSER

On Mon, Apr 24, 2023 at 12:51:22PM +0800, Hao Ge wrote:
> Shifting signed 32-bit value by 31 bits is undefined, so changing
> significant bit to unsigned. The UBSAN warning calltrace like below:

> UBSAN: shift-out-of-bounds in fs/nsfs.c:306:32
> left shift of 1 by 31 places cannot be represented in type 'int'
> CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-rc4+ #2
> Call trace:
> <TASK>
> dump_backtrace+0x134/0x1e0
> show_stack+0x2c/0x3c
> dump_stack_lvl+0xb0/0xd4
> dump_stack+0x14/0x1c
> ubsan_epilogue+0xc/0x3c
> __ubsan_handle_shift_out_of_bounds+0xb0/0x14c
> nsfs_init+0x4c/0xb0
> start_kernel+0x38c/0x738
> __primary_switched+0xbc/0xc4
> </TASK>
> 
> Fixes: e462ec50cb5f ("VFS: Differentiate mount flags (MS_*) from internal superblock flags")
> Signed-off-by: Hao Ge <gehao@...inos.cn>

*snort*

IMO something like "spotted by UBSAN" is more than enough here -
stack trace is completely pointless.

Otherwise, no problems with the patch - it's obviously safe.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ