lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <d4a49f37f2ac64036f1bb254abcca6cef743074d.camel@ibm.com>
Date: Mon, 24 Nov 2025 17:45:55 +0000
From: Viacheslav Dubeyko <Slava.Dubeyko@....com>
To: "andriy.shevchenko@...ux.intel.com" <andriy.shevchenko@...ux.intel.com>,
        "idryomov@...il.com" <idryomov@...il.com>
CC: Xiubo Li <xiubli@...hat.com>,
        "justinstitt@...gle.com"
	<justinstitt@...gle.com>,
        "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>,
        "ceph-devel@...r.kernel.org" <ceph-devel@...r.kernel.org>,
        "morbo@...gle.com"
	<morbo@...gle.com>,
        "nathan@...nel.org" <nathan@...nel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "nick.desaulniers+lkml@...il.com" <nick.desaulniers+lkml@...il.com>
Subject: RE: [PATCH v1 1/1] libceph: Amend checking to fix `make W=1` build
 breakage

On Mon, 2025-11-24 at 17:09 +0200, andriy.shevchenko@...ux.intel.com wrote:
> On Mon, Nov 10, 2025 at 08:39:49PM +0000, Viacheslav Dubeyko wrote:
> > On Mon, 2025-11-10 at 21:36 +0200, andriy.shevchenko@...ux.intel.com wrote:
> > > On Mon, Nov 10, 2025 at 07:28:36PM +0000, Viacheslav Dubeyko wrote:
> > > > On Mon, 2025-11-10 at 15:46 +0100, Andy Shevchenko wrote:
> 
> ...
> 
> > > > >  	ceph_decode_32_safe(p, end, len, e_inval);
> > > > >  	if (len == 0 && incremental)
> > > > >  		return NULL;	/* new_pg_temp: [] to remove */
> > > > > -	if (len > (SIZE_MAX - sizeof(*pg)) / sizeof(u32))
> > > > > +	if ((size_t)len > (SIZE_MAX - sizeof(*pg)) / sizeof(u32))
> > > > >  		return ERR_PTR(-EINVAL);
> > > > >  
> > > > >  	ceph_decode_need(p, end, len * sizeof(u32), e_inval);
> > > 
> > > > I am guessing... What if we change the declaration of len on size_t, then could
> > > > it be more clear solution here? For example, let's consider this for both cases:
> > > > 
> > > > size_t len, i;
> > > > 
> > > > Could it eliminate the issue and to make the Clang happy? Or could it introduce
> > > > another warnings/issues?
> > > 
> > > Probably, but the code is pierced with the sizeof(u32) and alike, moreover
> > > size_t is architecture-dependent type, while the set of macros in decode.h
> > > seems to operate on the fixed-width type. That said, I prefer my way of fixing
> > > this. But if you find another, better one, I am all ears!
> > > 
> > > *Also note, I'm not familiar with the guts of the ceph, so maybe your solution
> > > is the best, but I want more people to confirm this.
> > 
> > I think the patch looks good as it is. And we can take it. If we find the better
> > way
> > of fixing this, then we can do it anytime.
> > 
> > Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@....com>
> 
> Thanks, can this be applied? My builds are still broken.

The patchset has been applied on testing branch already [1].

Ilya, when are we planning to send this patchset upstream?

Thanks,
Slava.

[1] https://github.com/ceph/ceph-client.git

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ