Re: [PATCH] e2fsprogs: avoid segfault when s_nr_users is too high

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Lukas Czerner <lczerner@redhat.com>
Cc: linux-ext4@vger.kernel.org
Subject: Re: [PATCH] e2fsprogs: avoid segfault when s_nr_users is too high
Date: Tue, 2 Oct 2018 21:54:43 -0400	[thread overview]
Message-ID: <20181003015443.GA22436@thunk.org> (raw)
In-Reply-To: <20180814143753.8937-1-lczerner@redhat.com>

On Tue, Aug 14, 2018 at 04:37:53PM +0200, Lukas Czerner wrote:
> Currently in e2fsprogs tools it's possible to access out of bounds
> memory when reading list of ids sharing a journal log
> (journal_superblock_t->s_users[]) in case where s_nr_users is too high.
> 
> This is because we never check whether the s_nr_users fits into the
> restriction of JFS_USERS_MAX. Fix it by checking that nr_users is not
> bigger than JFS_USERS_MAX and error out when possiblem.
> 
> Also add test for dumpe2fs. The rest would require involving external
> journal which is not possible to test with e2fsprogs test suite at the
> moment.
> 
> Signed-off-by: Lukas Czerner <lczerner@redhat.com>

Thanks, applied.

					- Ted

     prev parent reply	other threads:[~2018-10-03  8:40 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20180814143753.8937-1-lczerner@redhat.com>
2018-09-26  8:39 ` [PATCH] e2fsprogs: avoid segfault when s_nr_users is too high Lukas Czerner
2018-10-03  1:54 ` Theodore Y. Ts'o [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181003015443.GA22436@thunk.org \
    --to=tytso@mit.edu \
    --cc=lczerner@redhat.com \
    --cc=linux-ext4@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.