| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aNR2erc6QYubynYK@arch-box> Date: Wed, 24 Sep 2025 18:53:46 -0400 From: Albin Babu Varghese <albinbabuvarghese20@...il.com> To: "Darrick J. Wong" <djwong@...nel.org> Cc: Ahmet Eray Karadag <eraykrdg1@...il.com>, tytso@....edu, adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, syzbot+0be4f339a8218d2a5bb1@...kaller.appspotmail.com Subject: Re: [PATCH v2] Fix: ext4: guard against EA inode refcount underflow in xattr update Hi Darrick, Ted, Thanks a lot for taking the time to review this patch and for the helpful suggestions. > /me wonders if you could use check_add_overflow for this, but otherwise > everthing looks fine to me... We looked at check_add_overflow() and check_sub_overflow(), but our understanding is that they are mainly useful if ref_change can vary beyond the current ±1. Since the call site appear to only pass increments or decrements of one, would you prefer we still use the helpers for defensive hardening, or is it acceptable to rely on explicit 0 / U64_MAX boundary checks in this case? > ...though while you're modifying the precondition checking here, I think > these i_nlink preconditions should also be hoisted to the top and cause > an EFSCORRUPTED return on bad inputs. Thanks for pointing this out. We will include this in V3. Cheers, Albin
Powered by blists - more mailing lists