lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d86cdf32-bc4d-bbab-d756-baef2b12cace@linux.alibaba.com>
Date:   Wed, 31 May 2023 16:16:43 +0800
From:   Jingbo Xu <jefflexu@...ux.alibaba.com>
To:     Gao Xiang <hsiangkao@...ux.alibaba.com>, xiang@...nel.org,
        chao@...nel.org, huyue2@...lpad.com, linux-erofs@...ts.ozlabs.org
Cc:     linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 4/5] erofs: unify inline/share xattr iterators for
 listxattr/getxattr



On 5/31/23 2:57 PM, Gao Xiang wrote:
> 
> 
> On 2023/5/31 11:13, Jingbo Xu wrote:
>>   -static int inline_xattr_iter_begin(struct erofs_xattr_iter *it,
>> -                   struct inode *inode)
>> -{
>> -    struct erofs_inode *const vi = EROFS_I(inode);
>> -    unsigned int xattr_header_sz, inline_xattr_ofs;
>> -
>> -    xattr_header_sz = sizeof(struct erofs_xattr_ibody_header) +
>> -              sizeof(u32) * vi->xattr_shared_count;
>> -    if (xattr_header_sz >= vi->xattr_isize) {
>> -        DBG_BUGON(xattr_header_sz > vi->xattr_isize);
>> -        return -ENOATTR;
>> -    }

In the original implementation, here when xattr_header_sz >=
vi->xattr_isize, inline_xattr_iter_begin() will return -ENOATTR rather
than a negative integer (i.e. vi->xattr_isize - xattr_header_sz).


>>   static int erofs_xattr_generic_get(const struct xattr_handler *handler,
>>                      struct dentry *unused, struct inode *inode,
>>                      const char *name, void *buffer, size_t size)
>> @@ -542,45 +432,98 @@ static const struct xattr_iter_handlers
>> list_xattr_handlers = {
>>       .value = NULL
>>   };
>>   -static int inline_listxattr(struct erofs_xattr_iter *it)
>> +static int erofs_iter_inline_xattr(struct erofs_xattr_iter *it,
>> +                   struct inode *inode, bool getxattr)
>>   {
>> +    struct erofs_inode *const vi = EROFS_I(inode);
>> +    const struct xattr_iter_handlers *op;
>> +    unsigned int xattr_header_sz, remaining;
>> +    erofs_off_t pos;
>>       int ret;
>> -    unsigned int remaining;
>>   -    ret = inline_xattr_iter_begin(it, d_inode(it->dentry));
> 
> In the past, "ret" here is "an int", and
>     vi->xattr_isize - xattr_header_sz < 0 will return
> negative value (although I think that value is problematic).
> 
> see below.

See comment above.

> 
> 
>> -    if (ret < 0)
>> -        return ret;
>> +    xattr_header_sz = sizeof(struct erofs_xattr_ibody_header) +
>> +              sizeof(u32) * vi->xattr_shared_count;
>> +    if (xattr_header_sz >= vi->xattr_isize) {
>> +        DBG_BUGON(xattr_header_sz > vi->xattr_isize);
>> +        return -ENOATTR;
>> +    }

This checking for "xattr_header_sz >= vi->xattr_isize" is also included
in this patch.


-- 
Thanks,
Jingbo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ