lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 20 Sep 2007 12:18:49 -0600
From:	Andreas Dilger <adilger@...sterfs.com>
To:	Jan Kara <jack@...e.cz>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: Avoid rec_len overflow with 64KB block size

On Sep 20, 2007  18:17 +0200, Jan Kara wrote:
> >   when converting ext4 directories to pagecache I just came over
> > Takashi's patch preventing overflowing of rec_len. Looking over the
> > patch - can't we do it more elegantly by using say 0xffff instead of 64K
> > and perform conversion (using some helper) at the moment we read / store
> > rec_len? That would be IMHO more transparent than current approach (at
> > least it took me some time to understand what's going on with the
> > current patch when I was looking at the code)...
>
>   Attached is a patch that does this for ext4. If you like this
> approach, I can cook up a similar patch for ext2 / ext3.

Yes, I think this is much cleaner to avoid all the conditionals in the
code.

> With 64KB blocksize, a directory entry can have size 64KB which does not fit
> into 16 bits we have for entry lenght. So we store 0xffff instead and convert
> value when read from / written to disk. The patch also converts some places
> to use ext4_next_entry() when we are changing them anyway.
> 
>  	const char * error_msg = NULL;
> -	const int rlen = le16_to_cpu(de->rec_len);
> +	const int rlen = ext4_get_rec_len(le16_to_cpu(de->rec_len));

Maybe we should wrap the le16_to_cpu() into ext4_get_rec_len() itself,
making the parameter just be "__le16 rec_len"?  We appear to have
le16_to_cpu() at every callsite.

Likewise for ext4_store_rec_len() it should do the cpu_to_le16() internally
and return an __le16.  It should maybe be called ext4_set_rec_len() to be
a more natural pairing?

This also needs a patch for e2fsprogs, while I'm not sure the old patch did
(has anyone ever checked this?) We could still consider making
EXT4_DIR_MAX_REC_LEN as in Takashi's patch, but keep the cleanups here.


Cheers, Andreas
--
Andreas Dilger
Principal Software Engineer
Cluster File Systems, Inc.

-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ