From: Frank Zago <fzago@cray.com>
To: lustre-devel@lists.lustre.org
Subject: Re: [patch] staging: lustre: potential underflow in libcfs_kkuc_group_add()
Date: Tue, 03 Nov 2015 23:49:00 +0000 [thread overview]
Message-ID: <563947EC.9020502@cray.com> (raw)
In-Reply-To: <b7e8511d07d84cfaa9e437729795f179@EXCHCS32.ornl.gov>
On 11/03/2015 05:28 PM, Simmons, James A. wrote:
>
>> My static checker says that "group" is a user controlled number that can
>> be negative leading to an array underflow. I have looked at it, and I'm
>> not an expert enough in lustre to say for sure if it is really a bug.
>> Anyway, it's simple enough to make the variable unsigned which pleases
>> the static checker and makes it easier to audit.
>>
>> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> Dmitry do you this this could be placed under place under LU-6303 or does a new ticket need to be open.
> I also CC Frank Zago who is very familiar with this code. To me it looks okay.
>
> diff --git a/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h b/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> index a989d26..41f3d81 100644
> --- a/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> +++ b/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> @@ -91,7 +91,7 @@ typedef int (*libcfs_kkuc_cb_t)(__u32 data, void *cb_arg);
> /* Kernel methods */
> int libcfs_kkuc_msg_put(struct file *fp, void *payload);
> int libcfs_kkuc_group_put(int group, void *payload);
> -int libcfs_kkuc_group_add(struct file *fp, int uid, int group,
> +int libcfs_kkuc_group_add(struct file *fp, int uid, unsigned int group,
> __u32 data);
> int libcfs_kkuc_group_rem(int uid, int group);
> int libcfs_kkuc_group_foreach(int group, libcfs_kkuc_cb_t cb_func,
> diff --git a/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c b/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> index ad661a3..d8230ae 100644
> --- a/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> +++ b/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> @@ -110,7 +110,8 @@ static DECLARE_RWSEM(kg_sem);
> * @param uid identifier for this receiver
> * @param group group number
> */
> -int libcfs_kkuc_group_add(struct file *filp, int uid, int group, __u32 data)
> +int libcfs_kkuc_group_add(struct file *filp, int uid, unsigned int group,
> + __u32 data)
> {
> struct kkuc_reg *reg;
Yes, but for consistency, all 4 functions should be changed.
Regards,
Frank.
WARNING: multiple messages have this Message-ID (diff)
From: Frank Zago <fzago@cray.com>
To: lustre-devel@lists.lustre.org
Subject: [lustre-devel] [patch] staging: lustre: potential underflow in libcfs_kkuc_group_add()
Date: Tue, 3 Nov 2015 17:49:00 -0600 [thread overview]
Message-ID: <563947EC.9020502@cray.com> (raw)
In-Reply-To: <b7e8511d07d84cfaa9e437729795f179@EXCHCS32.ornl.gov>
On 11/03/2015 05:28 PM, Simmons, James A. wrote:
>
>> My static checker says that "group" is a user controlled number that can
>> be negative leading to an array underflow. I have looked at it, and I'm
>> not an expert enough in lustre to say for sure if it is really a bug.
>> Anyway, it's simple enough to make the variable unsigned which pleases
>> the static checker and makes it easier to audit.
>>
>> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> Dmitry do you this this could be placed under place under LU-6303 or does a new ticket need to be open.
> I also CC Frank Zago who is very familiar with this code. To me it looks okay.
>
> diff --git a/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h b/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> index a989d26..41f3d81 100644
> --- a/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> +++ b/drivers/staging/lustre/include/linux/libcfs/libcfs_kernelcomm.h
> @@ -91,7 +91,7 @@ typedef int (*libcfs_kkuc_cb_t)(__u32 data, void *cb_arg);
> /* Kernel methods */
> int libcfs_kkuc_msg_put(struct file *fp, void *payload);
> int libcfs_kkuc_group_put(int group, void *payload);
> -int libcfs_kkuc_group_add(struct file *fp, int uid, int group,
> +int libcfs_kkuc_group_add(struct file *fp, int uid, unsigned int group,
> __u32 data);
> int libcfs_kkuc_group_rem(int uid, int group);
> int libcfs_kkuc_group_foreach(int group, libcfs_kkuc_cb_t cb_func,
> diff --git a/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c b/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> index ad661a3..d8230ae 100644
> --- a/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> +++ b/drivers/staging/lustre/lustre/libcfs/kernel_user_comm.c
> @@ -110,7 +110,8 @@ static DECLARE_RWSEM(kg_sem);
> * @param uid identifier for this receiver
> * @param group group number
> */
> -int libcfs_kkuc_group_add(struct file *filp, int uid, int group, __u32 data)
> +int libcfs_kkuc_group_add(struct file *filp, int uid, unsigned int group,
> + __u32 data)
> {
> struct kkuc_reg *reg;
Yes, but for consistency, all 4 functions should be changed.
Regards,
Frank.
next prev parent reply other threads:[~2015-11-03 23:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-06 9:57 [patch] staging: lustre: potential underflow in mdc_iocontrol() Dan Carpenter
2015-10-29 13:51 ` [patch] staging: lustre: potential underflow in libcfs_kkuc_group_add() Dan Carpenter
2015-10-29 13:51 ` [lustre-devel] " Dan Carpenter
2015-11-03 23:28 ` Simmons, James A.
2015-11-03 23:28 ` [lustre-devel] " Simmons, James A.
2015-11-03 23:49 ` Frank Zago [this message]
2015-11-03 23:49 ` Frank Zago
2015-11-04 18:25 ` Dan Carpenter
2015-11-04 18:25 ` [lustre-devel] " Dan Carpenter
2015-11-04 19:00 ` Simmons, James A.
2015-11-04 19:00 ` [lustre-devel] " Simmons, James A.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=563947EC.9020502@cray.com \
--to=fzago@cray.com \
--cc=lustre-devel@lists.lustre.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.