Re: [patch 2/2] staging: lustre: validate size in ll_setxattr()

public inbox for kernel-janitors@vger.kernel.org
 help / color / mirror / Atom feed

From: Dan Carpenter <dan.carpenter@oracle.com>
To: kernel-janitors@vger.kernel.org
Subject: Re: [patch 2/2] staging: lustre: validate size in ll_setxattr()
Date: Wed, 22 Oct 2014 14:09:15 +0000	[thread overview]
Message-ID: <20141022140915.GH26918@mwanda> (raw)
In-Reply-To: <20141022081233.GB31384@mwanda>

On Wed, Oct 22, 2014 at 01:53:15PM +0000, Drokin, Oleg wrote:
> Hello!
> 
> On Oct 22, 2014, at 6:32 AM, Dan Carpenter wrote:
> >> In that case, size = 0 seems to be the wrong value size for an lov param
> >> as well.
> > I don't know about this.  The code is very clear that size = 0 is
> > acceptable inside the if statement.  Oleg?
> 
> I am not sure what if statement do you mean?
> If it's the "if ((strncmp(name, XATTR_TRUSTED_PREFIX," one then size of 0
> does seem to be incorrect:
> 
>                 struct lov_user_md *lump = (struct lov_user_md *)value; 
> // (I hope this is not a user pointer?)

It's not.

> â€¦
>                 if (lump != NULL && lump->lmm_stripe_offset = 0)
>                         lump->lmm_stripe_offset = -1;
> // So, if lump is 0, we are already accessing past allowed range

If size is zero then lump is NULL and the existing code is very careful
to test for that and avoid NULL dereferences.  I think that Andrew is
saying at it doesn't make sense for lump to be NULL.

Anyway, let me send a v2 which fixes the bug and leaves lump = NULL as
is.

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

     prev parent reply	other threads:[~2014-10-22 14:09 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-22  8:12 [patch 2/2] staging: lustre: validate size in ll_setxattr() Dan Carpenter
2014-10-22 10:32 ` Dan Carpenter
2014-10-22 13:53 ` Drokin, Oleg
2014-10-22 14:09 ` Dan Carpenter [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141022140915.GH26918@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=kernel-janitors@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox