Message-ID: <aa811b76ac704140bfa98884c8d6f51e@AcuMS.aculab.com>
Date: Thu, 13 Jul 2023 14:11:02 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Dan Carpenter' <dan.carpenter@...aro.org>,
Linke Li <lilinke99@...mail.com>
CC: "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Jan Kara <jack@...e.cz>, Linke Li <lilinke99@...il.com>
Subject: RE: [PATCH] isofs: fix undefined behavior in iso_date()
From: Dan Carpenter
> Sent: 10 July 2023 10:57
>
> It looks like maybe there is an issue with "year" as well.
>
> fs/isofs/util.c
> 19 int iso_date(u8 *p, int flag)
> 20 {
> 21 int year, month, day, hour, minute, second, tz;
> 22 int crtime;
> 23
> 24 year = p[0];
> ^^^^^
> year is 0-255.
....
> 32
> 33 if (year < 0) {
> ^^^^^^^^
> But this checks year for < 0 which is impossible. Should it be:
>
> year = (signed char)p[0];?
Or not?
What happens in 2027?
I bet the value has to be treated as unsigned.
>
> 34 crtime = 0;
> 35 } else {
> 36 crtime = mktime64(year+1900, month, day, hour, minute, second);
> 37
> 38 /* sign extend */
> 39 if (tz & 0x80)
> 40 tz |= (-1 << 8);
Just change the definition of tz from 'int' to 's8'
and it will all happen 'by magic'.
David
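
The two points raised in this message, as an added example that is not part of the thread and not the kernel's code: the timezone byte decoded without shifting a negative value, next to the signed 8-bit variable suggested above, and the year byte read as unsigned versus signed. Function names are hypothetical and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Sign-extend the 8-bit timezone byte with plain arithmetic. This avoids
 * `-1 << 8` from the quoted code: left-shifting a negative int is undefined. */
static int tz_explicit(uint8_t raw)
{
    int tz = raw;              /* 0..255 */
    if (tz & 0x80)
        tz -= 0x100;           /* 128..255 -> -128..-1 */
    return tz;
}

/* The reply's suggestion: store the byte in a signed 8-bit type (kernel s8).
 * The narrowing conversion is implementation-defined in ISO C; gcc and clang
 * wrap modulo 256. Promotion back to int then sign-extends. */
static int tz_s8(uint8_t raw)
{
    int8_t tz = (int8_t)raw;
    return tz;
}

/* Returns 1 if both decodings agree for every possible byte value. */
static int tz_methods_agree(void)
{
    for (int b = 0; b < 256; b++)
        if (tz_explicit((uint8_t)b) != tz_s8((uint8_t)b))
            return 0;
    return 1;
}

/* The year byte counts years since 1900; compare both readings of p[0]. */
static int year_unsigned(uint8_t raw) { return 1900 + raw; }
static int year_signed(uint8_t raw)   { return 1900 + (signed char)raw; }

int main(void)
{
    /* Constructed sample bytes, not taken from a real ISO image. */
    static const uint8_t samples[] = { 0x00, 0x34, 0x7f, 0x80, 0xd0, 0xff };

    for (size_t i = 0; i < sizeof(samples); i++)
        printf("0x%02x tz=%4d/%4d year u=%d s=%d\n", samples[i],
               tz_explicit(samples[i]), tz_s8(samples[i]),
               year_unsigned(samples[i]), year_signed(samples[i]));
    printf("tz decodings agree on all bytes: %d\n", tz_methods_agree());
    return 0;
}
```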