From: Theodore Ts'o <tytso@mit.edu>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: linux-ext4@vger.kernel.org
Subject: Re: [PATCH 04/21] libext2fs/e2fsck: don't run off the end of the EA block
Date: Sun, 10 Aug 2014 18:22:18 -0400 [thread overview]
Message-ID: <20140810222218.GP15431@thunk.org> (raw)
In-Reply-To: <20140805010523.2611.3554.stgit@birch.djwong.org>
On Mon, Aug 04, 2014 at 06:05:23PM -0700, Darrick J. Wong wrote:
> When we're (a) reading EAs into a buffer; (b) byte-swapping EA
> entries; or (c) checking EA data, be careful not to run off the end of
> the memory buffer, because this causes invalid memory accesses and
> e2fsck crashes. This can happen if we encounter a specially crafted
> FS image.
>
> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Applied, thanks.
- Ted
next prev parent reply other threads:[~2014-08-10 22:22 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-05 1:04 [PATCH 00/21] e2fsprogs Summer 2014 patchbomb, part 3 Darrick J. Wong
2014-08-05 1:05 ` [PATCH 01/21] e2fuzz: fix build problems on macosx and i386 linux Darrick J. Wong
2014-08-10 22:16 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 02/21] e2fsck: convert 'delete files' warning to a proper fix_problem error Darrick J. Wong
2014-08-10 22:16 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 03/21] libext2fs: check EA value offset Darrick J. Wong
2014-08-10 22:21 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 04/21] libext2fs/e2fsck: don't run off the end of the EA block Darrick J. Wong
2014-08-10 22:22 ` Theodore Ts'o [this message]
2014-08-05 1:05 ` [PATCH 05/21] misc: fix various endianness problems with inline_data Darrick J. Wong
2014-08-10 22:23 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 06/21] libext2fs: strict inline data overwrite should not return ENOSPC Darrick J. Wong
2014-08-10 22:27 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 07/21] libext2fs: remove EA when inline data is less than 60 bytes Darrick J. Wong
2014-08-08 22:46 ` [PATCH v2 07/21] libext2fs: don't fail inline data operations if there's no EA Darrick J. Wong
2014-08-10 22:31 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 08/21] libext2fs: fix memory leak when failing to iterate inline_data directory Darrick J. Wong
2014-08-10 22:32 ` Theodore Ts'o
2014-08-05 1:05 ` [PATCH 09/21] e2fsck: check ea-in-inode regions for overlap Darrick J. Wong
2014-08-08 22:43 ` [PATCH v2 " Darrick J. Wong
2014-08-10 22:35 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 10/21] e2fsck: clear inline_data inode flag if EA missing Darrick J. Wong
2014-08-08 22:44 ` [PATCH v2 " Darrick J. Wong
2014-08-10 22:37 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 11/21] e2fsck: handle inline data symlinks Darrick J. Wong
2014-08-10 22:38 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 12/21] e2fsck: check inline directory data "block" first Darrick J. Wong
2014-08-10 22:40 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 13/21] e2fsck: don't try to iterate blocks of an inline_data inode when deallocating it Darrick J. Wong
2014-08-10 22:40 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 14/21] e2fsck: clear extents and inline_data flags from fifo/socket/device inodes Darrick J. Wong
2014-08-10 22:41 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 15/21] e2fsck: fix conflicting extents|inlinedata inode flags Darrick J. Wong
2014-08-08 16:24 ` [PATCH v2 " Darrick J. Wong
2014-08-10 22:43 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 16/21] e2fsck: do a better job of fixing i_size of inline directories Darrick J. Wong
2014-08-10 22:44 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 17/21] e2fsck: use the correct block size when salvaging directories Darrick J. Wong
2014-08-10 22:45 ` Theodore Ts'o
2014-08-05 1:06 ` [PATCH 18/21] e2fsck: check inline dir size is a multiple of 4 Darrick J. Wong
2014-08-10 22:47 ` Theodore Ts'o
2014-08-05 1:07 ` [PATCH 19/21] e2fsck: be more careful in assuming inline_data inodes are directories Darrick J. Wong
2014-08-08 16:22 ` [PATCH v2 " Darrick J. Wong
2014-08-10 22:49 ` Theodore Ts'o
2014-08-05 1:07 ` [PATCH 20/21] e2fsck: don't set prev after processing '..' on an inline dir Darrick J. Wong
2014-08-10 22:50 ` Theodore Ts'o
2014-08-05 1:07 ` [PATCH 21/21] tests: add regression tests for inlinedata fixes Darrick J. Wong
2014-08-08 22:47 ` [PATCH v2 " Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140810222218.GP15431@thunk.org \
--to=tytso@mit.edu \
--cc=darrick.wong@oracle.com \
--cc=linux-ext4@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).