lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 6 May 2024 23:40:25 -0700
From: Christoph Hellwig <hch@...radead.org>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Christoph Hellwig <hch@...radead.org>,
	"Darrick J. Wong" <djwong@...nel.org>,
	Chandan Babu R <chandan.babu@...cle.com>, linux-xfs@...r.kernel.org,
	linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] xfs: check for negatives in xfs_exchange_range_checks()

On Tue, May 07, 2024 at 09:33:40AM +0300, Dan Carpenter wrote:
> On Mon, May 06, 2024 at 11:06:17PM -0700, Christoph Hellwig wrote:
> > On Sat, May 04, 2024 at 02:27:36PM +0300, Dan Carpenter wrote:
> > > The fxr->file1_offset and fxr->file2_offset variables come from the user
> > > in xfs_ioc_exchange_range().  They are size loff_t which is an s64.
> > > Check the they aren't negative.
> > > 
> > > Fixes: 9a64d9b3109d ("xfs: introduce new file range exchange ioctl")
> > 
> > In this commit file1_offset and file2_offset are u64.  They used to
> > be u64 in the initial submission, but we changed that as part of the
> > review process.
> 
> I've just checked again, and I think it was loff_t in that commit.
> There are two related structs, the one that's userspace API and the
> one that's internal.  The userspace API is u64 but internally it's
> loff_t.

Ah, yes.  The in-kernel ones probably just needs to move to use u64
as well.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ