| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <621fecd9-52ee-b5ba-6702-c283658096ef@kernel.org>
Date: Thu, 15 Jun 2023 17:42:48 +0900
From: Damien Le Moal <dlemoal@...nel.org>
To: "min15.li" <min15.li@...sung.com>, axboe@...nel.dk,
willy@...radead.org, hch@....de, gregkh@...uxfoundation.org,
wsa@...nel.org, vkoul@...nel.org
Cc: linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] block: add capacity validation in bdev_add_partition()
On 6/16/23 01:09, min15.li wrote:
> In the function bdev_add_partition(),there is no check that the start
> and end sectors exceed the size of the disk before calling add_partition.
> When we call the block's ioctl interface directly to add a partition,
> and the capacity of the disk is set to 0 by driver,the command will
> continue to execute.
>
> Signed-off-by: min15.li <min15.li@...sung.com>
> ---
> block/partitions/core.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/block/partitions/core.c b/block/partitions/core.c
> index 49e0496ff23c..9806a804e1a4 100644
> --- a/block/partitions/core.c
> +++ b/block/partitions/core.c
> @@ -445,6 +445,12 @@ int bdev_add_partition(struct gendisk *disk, int partno, sector_t start,
> goto out;
> }
>
> + if (start >= get_capacity(disk) ||
> + start + length > get_capacity(disk)) {
declaring:
sector_t capacity = get_capacity(disk);
at the beginning of the function would make this check prettier and fit on one line.
> + ret = -EINVAL;
> + goto out;
> + }
> +
> if (partition_overlaps(disk, start, length, -1)) {
> ret = -EBUSY;
> goto out;
--
Damien Le Moal
Western Digital Research
Powered by blists - more mailing lists