lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Oct 2023 16:52:47 +0800
From:   zhongjinghua <zhongjinghua@...weicloud.com>
To:     Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>, axboe@...nel.dk
Cc:     linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
        zhongjinghua@...wei.com, yi.zhang@...wei.com, yukuai3@...wei.com
Subject: Re: [PATCH] block: Fix minor range check in device_add_disk()


在 2023/10/25 18:06, Tetsuo Handa 写道:
> On 2023/10/25 17:46, Zhong Jinghua wrote:
>> Checks added in patch:
>> commit e338924bd05d ("block: check minor range in device_add_disk()")
>> ignore the problem of first_minore < 0 and disk->minors < 0.
> What is the problem of first_minor < 0 or disk->minors < 0 ?
> Are negative values legal/illegal ?

These two values are used as the secondary device number and the maximum number of partitions, which is illegal if negative. Then first_minore and disk->minors are signed numbers, and the sum may be less than MINORMASK to bypass the check.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ