lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAPjX3FdyMGKGFch-k=CmOD7wP_as_iaB9hmnbbui5=off+m+iQ@mail.gmail.com>
Date: Thu, 12 Jun 2025 15:29:21 +0200
From: Daniel Vacek <neelx@...e.com>
To: dsterba@...e.cz
Cc: Chris Mason <clm@...com>, Josef Bacik <josef@...icpanda.com>, David Sterba <dsterba@...e.com>, 
	Nick Terrell <terrelln@...com>, linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 2/2] btrfs: harden parsing of compress mount options

On Mon, 2 Jun 2025 at 19:29, David Sterba <dsterba@...e.cz> wrote:
>
> On Mon, Jun 02, 2025 at 05:53:19PM +0200, Daniel Vacek wrote:
> > Btrfs happily but incorrectly accepts the `-o compress=zlib+foo` and similar
> > options with any random suffix.
> >
> > Fix that by explicitly checking the end of the strings.
> >
> > Signed-off-by: Daniel Vacek <neelx@...e.com>
> > ---
> > v3 changes: Split into two patches to ease backporting,
> >             no functional changes.
> >
> >  fs/btrfs/super.c | 26 +++++++++++++++++++-------
> >  1 file changed, 19 insertions(+), 7 deletions(-)
> >
> > diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c
> > index 6291ab45ab2a5..4510c5f7a785e 100644
> > --- a/fs/btrfs/super.c
> > +++ b/fs/btrfs/super.c
> > @@ -270,9 +270,20 @@ static inline blk_mode_t btrfs_open_mode(struct fs_context *fc)
> >       return sb_open_mode(fc->sb_flags) & ~BLK_OPEN_RESTRICT_WRITES;
> >  }
> >
> > +static bool btrfs_match_compress_type(char *string, char *type, bool may_have_level)
>
> const also here, string, type
>
> > +{
> > +     int len = strlen(type);
> > +
> > +     return strncmp(string, type, len) == 0 &&
> > +             ((may_have_level && string[len] == ':') ||
> > +                                 string[len] == '\0');
> > +}
> > +
> >  static int btrfs_parse_compress(struct btrfs_fs_context *ctx,
> >                               struct fs_parameter *param, int opt)
> >  {
> > +     char *string = param->string;
>
> and here

Can be done at merge time. Or do you want a re-send?


> > +
> >       /*
> >        * Provide the same semantics as older kernels that don't use fs
> >        * context, specifying the "compress" option clears

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ