lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 2 Sep 2023 23:15:26 +0530
From:   Manas Ghandat <ghandatmanas@...il.com>
To:     Dave Kleikamp <dave.kleikamp@...cle.com>, shaggy@...nel.org,
        liushixin2@...wei.com
Cc:     linux-kernel@...r.kernel.org, jfs-discussion@...ts.sourceforge.net,
        Linux-kernel-mentees@...ts.linuxfoundation.org,
        syzbot+aea1ad91e854d0a83e04@...kaller.appspotmail.com
Subject: Re: [PATCH] jfs: fix array-index-out-of-bounds in dbFindLeaf

Actually I was talking about the stree attribute of dmtree which is 
present in both dmaptree and dmapctl.

Link : https://elixir.bootlin.com/linux/v6.5.1/source/fs/jfs/jfs_dmap.h#L168

Since it is an array we can add a check for the size of array like the 
code below.


+            if (x + n > (sizeof(tp->dmt_stree)/sizeof(s8)))
+                 return -ENOSPC;

On 01/09/23 22:38, Dave Kleikamp wrote:
> On 8/31/23 10:19AM, Manas Ghandat wrote:
>> I was wondering if we could implement a get_tree_size macro wherein  
>> we could find the tree size so that we can do the comparison. SInce 
>> the tp->dmt_stree is an array we can get its size and fix the out of 
>> bounds. Would this thing work?
>
> dmtree_t is a union of two nearly identical structures that both 
> contain an stree. The only real difference in the structures is the 
> size of the stree, so dbFindLeaf doesn't really know which is being 
> used by the caller.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ