| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250730065818.149092-1-admin@mail.free-proletariat.dpdns.org> Date: Wed, 30 Jul 2025 15:58:18 +0900 From: kmpfqgdwxucqz9@...il.com To: Johannes Thumshirn <Johannes.Thumshirn@....com> Cc: David Sterba <dsterba@...e.com>, linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org, KernelKraze <admin@...l.free-proletariat.dpdns.org> Subject: Re: [PATCH 1/1] btrfs: add integer overflow protection to flush_dir_items_batch allocation From: KernelKraze <admin@...l.free-proletariat.dpdns.org> Hi Johannes, Thanks for the review. On 7/30/25 6:35 AM, Johannes Thumshirn wrote: > Where does this number come from? It's from log_delayed_insertion_items() at line 6111: /* 195 (4095 bytes of keys and sizes) fits in a single 4K page. */ const int max_batch_size = 195; I reused this limit for consistency across btrfs batch operations. > Wouldn't kcalloc() or kmalloc_array() be the better choice here? > kcalloc() calls kmalloc_array() which in term does overflow checking. Good point. The issue is we're allocating a mixed buffer: [u32 sizes array][struct btrfs_key keys array] kmalloc_array() handles single-type arrays, but we need: - ins_sizes = (u32 *)ins_data - ins_keys = (struct btrfs_key *)(ins_data + sizes_size) Two options: 1. Keep current approach with manual overflow checks 2. Split into separate kmalloc_array() calls (potential cache miss cost) Which would you prefer? I'm happy to rework it either way. Thanks, KernelKraze
Powered by blists - more mailing lists