From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: tytso@mit.edu, darrick.wong@oracle.com
Cc: linux-ext4@vger.kernel.org
Subject: [PATCH 06/31] e2p: Fix f[gs]etflags argument size mismatch
Date: Mon, 30 Sep 2013 18:27:21 -0700 [thread overview]
Message-ID: <20131001012721.28415.97544.stgit@birch.djwong.org> (raw)
In-Reply-To: <20131001012642.28415.89353.stgit@birch.djwong.org>
The EXT2_IOC_[GS]ETFLAGS ioctls take longs as arguments, however this code only
reserves enough storage for an int. The kernel drivers (so far) don't transfer
more than an int but FUSE sees the long and assumes that it's ok to write the
full size of the long, which crashes if sizeof(long) > sizeof(int).
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
---
lib/e2p/fgetflags.c | 3 ++-
lib/e2p/fsetflags.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/e2p/fgetflags.c b/lib/e2p/fgetflags.c
index 2af8462..bfa87f2 100644
--- a/lib/e2p/fgetflags.c
+++ b/lib/e2p/fgetflags.c
@@ -66,7 +66,8 @@ int fgetflags (const char * name, unsigned long * flags)
return 0;
#else /* !HAVE_STAT_FLAGS || (APPLE_DARWIN && HAVE_EXT2_IOCTLS) */
#if HAVE_EXT2_IOCTLS
- int fd, r, f, save_errno = 0;
+ int fd, r, save_errno = 0;
+ unsigned long f;
if (!lstat(name, &buf) &&
!S_ISREG(buf.st_mode) && !S_ISDIR(buf.st_mode)) {
diff --git a/lib/e2p/fsetflags.c b/lib/e2p/fsetflags.c
index 167d16e..050cb4a 100644
--- a/lib/e2p/fsetflags.c
+++ b/lib/e2p/fsetflags.c
@@ -71,7 +71,8 @@ int fsetflags (const char * name, unsigned long flags)
return chflags (name, bsd_flags);
#else /* !HAVE_CHFLAGS || (APPLE_DARWIN && HAVE_EXT2_IOCTLS) */
#if HAVE_EXT2_IOCTLS
- int fd, r, f, save_errno = 0;
+ int fd, r, save_errno = 0;
+ unsigned long f;
struct stat buf;
if (!lstat(name, &buf) &&
next prev parent reply other threads:[~2013-10-01 1:27 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-01 1:26 [PATCH v1 00/31] e2fsprogs September 2013 patchbomb Darrick J. Wong
2013-10-01 1:26 ` [PATCH 01/31] tune2fs: Don't convert block # to cluster # when clearing uninit_bg Darrick J. Wong
2013-10-03 16:53 ` Lukáš Czerner
2013-10-03 19:04 ` Darrick J. Wong
2013-10-07 12:49 ` Lukáš Czerner
2013-10-07 13:03 ` Theodore Ts'o
2013-10-09 22:10 ` Darrick J. Wong
2013-10-10 0:26 ` Theodore Ts'o
2013-10-10 22:04 ` Darrick J. Wong
2013-10-13 3:09 ` Theodore Ts'o
2013-10-01 1:26 ` [PATCH 02/31] libext2fs: Only link an inode into a directory once Darrick J. Wong
2013-10-01 15:37 ` jon ernst
2013-10-01 21:11 ` Darrick J. Wong
2013-10-07 13:17 ` Theodore Ts'o
2013-10-07 18:53 ` Darrick J. Wong
2013-10-01 1:27 ` [PATCH 03/31] Define an error code for block bitmap checksum failures Darrick J. Wong
2013-10-13 3:12 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 04/31] libext2fs: Fix a minor grammatical error in the error catalog Darrick J. Wong
2013-10-07 13:20 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 05/31] libext2fs: Add space for metadata checksum when unconverting a hashed directory block Darrick J. Wong
2013-10-13 3:16 ` Theodore Ts'o
2013-10-01 1:27 ` Darrick J. Wong [this message]
2013-10-07 13:33 ` [PATCH 06/31] e2p: Fix f[gs]etflags argument size mismatch Theodore Ts'o
2013-10-07 20:40 ` Darrick J. Wong
2013-10-07 23:23 ` Darrick J. Wong
2013-10-08 0:06 ` Theodore Ts'o
2013-10-08 0:28 ` Darrick J. Wong
2013-10-01 1:27 ` [PATCH 07/31] libext2fs: When writing a file that has a i_size > 2GB, set the large_file feature flag and update the superblock Darrick J. Wong
2013-10-07 13:14 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 08/31] libext2fs: Fix off-by-one error in file truncation Darrick J. Wong
2013-10-07 14:02 ` Lukáš Czerner
2013-10-08 15:52 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 09/31] libext2fs: Rewind extent pointer when totally deleting an extent Darrick J. Wong
2013-10-07 13:37 ` Theodore Ts'o
2013-10-07 18:24 ` Darrick J. Wong
2013-10-01 1:27 ` [PATCH 10/31] libext2fs: Allow callers to punch a single block Darrick J. Wong
2013-10-01 19:09 ` jon ernst
2013-10-01 21:25 ` Darrick J. Wong
2013-10-07 13:40 ` Theodore Ts'o
2013-10-08 15:54 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 11/31] libext2fs: ind_punch() must not stop examining blocks prematurely Darrick J. Wong
2013-10-07 13:43 ` Theodore Ts'o
2013-10-01 1:27 ` [PATCH 12/31] e2fsprogs: Fix blk_t <- blk64_t assignment mismatches Darrick J. Wong
2013-10-07 13:52 ` Theodore Ts'o
2013-10-01 1:28 ` [PATCH 13/31] e2fsprogs: Less critical fixes to use the appropriate blk*t types Darrick J. Wong
2013-10-07 13:59 ` Theodore Ts'o
2013-10-01 1:28 ` [PATCH 14/31] libext2fs: Fix ext2fs_open2() truncation of the superblock parameter Darrick J. Wong
2013-10-07 14:30 ` Lukáš Czerner
2013-10-07 18:42 ` Darrick J. Wong
2013-10-08 15:58 ` Theodore Ts'o
2013-10-08 17:47 ` Darrick J. Wong
2013-10-01 1:28 ` [PATCH 15/31] e2fsck: Teach EA refcounting code to handle 48bit block addresses Darrick J. Wong
2013-10-07 15:30 ` Lukáš Czerner
2013-10-07 18:37 ` Darrick J. Wong
2013-10-08 16:01 ` Theodore Ts'o
2013-10-09 21:53 ` Darrick J. Wong
2013-10-01 1:28 ` [PATCH 16/31] debugfs: Handle 64bit block numbers Darrick J. Wong
2013-10-07 15:49 ` Lukáš Czerner
2013-10-07 18:49 ` Darrick J. Wong
2013-10-01 1:28 ` [PATCH 17/31] libext2fs: Refactor u32-list to handle 32 and 64-bit data types Darrick J. Wong
2013-10-10 14:46 ` Lukáš Czerner
2013-10-10 18:05 ` Darrick J. Wong
2013-10-01 1:28 ` [PATCH 18/31] libext2fs: Badblocks should handle 48-bit block numbers correctly Darrick J. Wong
2013-10-08 16:03 ` Theodore Ts'o
2013-10-09 21:57 ` Darrick J. Wong
2013-10-01 1:28 ` [PATCH 19/31] badblocks: Use the new badblocks APIs for 64-bit block numbers Darrick J. Wong
2013-10-10 15:01 ` Lukáš Czerner
2013-10-01 1:28 ` [PATCH 20/31] e2fsprogs: Add (optional) sparse checking to the build Darrick J. Wong
2013-10-12 3:13 ` Theodore Ts'o
2013-10-01 1:28 ` [PATCH 21/31] libext2fs: Be more thorough in searching a range of blocks for a cluster Darrick J. Wong
2013-10-08 16:09 ` Theodore Ts'o
2013-10-01 1:29 ` [PATCH 22/31] libext2fs: During punch, only free a cluster if we're sure that all blocks in the cluster are being punched Darrick J. Wong
2013-10-10 15:53 ` Lukáš Czerner
2013-10-10 19:29 ` Darrick J. Wong
2013-10-01 1:29 ` [PATCH 23/31] libext2fs: expanddir and mkjournal need not update the summary counts when performing an implied cluster allocation Darrick J. Wong
2013-10-10 16:02 ` Lukáš Czerner
2013-10-01 1:29 ` [PATCH 24/31] libext2fs: Use ext2fs_punch() to truncate quota file Darrick J. Wong
2013-10-10 16:06 ` Lukáš Czerner
2013-10-01 1:29 ` [PATCH 25/31] e2fsck: Only release clusters when shortening a directory during a rehash Darrick J. Wong
2013-10-10 16:13 ` Lukáš Czerner
2013-10-01 1:29 ` [PATCH 26/31] libext2fs: openfs() musn't allow bigalloc without EXT2_FLAGS_64BITS Darrick J. Wong
2013-10-07 12:50 ` Lukáš Czerner
2013-10-12 1:36 ` Theodore Ts'o
2013-10-01 1:29 ` [PATCH 27/31] resize2fs: Convert fs to and from 64bit mode Darrick J. Wong
2013-10-01 1:29 ` [PATCH 28/31] mke2fs: Complain about creating 64bit filesystems without extents Darrick J. Wong
2013-10-12 1:14 ` Theodore Ts'o
2013-10-01 1:29 ` [PATCH 29/31] e2fsck: Enable extents on all 64bit filesystems Darrick J. Wong
2013-10-12 1:19 ` Theodore Ts'o
2013-10-01 1:29 ` [PATCH 30/31] libext2fs: Support modifying arbitrary extended attributes Darrick J. Wong
2013-10-01 1:30 ` [PATCH 31/31] misc: Add fuse2fs, a FUSE server for e2fsprogs Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131001012721.28415.97544.stgit@birch.djwong.org \
--to=darrick.wong@oracle.com \
--cc=linux-ext4@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).