* [PATCH] debugfs: fix check for out-of-bound xattr value
@ 2016-08-09 20:42 Andreas Dilger
2016-08-10 22:02 ` Theodore Ts'o
0 siblings, 1 reply; 2+ messages in thread
From: Andreas Dilger @ 2016-08-09 20:42 UTC (permalink / raw)
To: tytso; +Cc: linux-ext4, Andreas Dilger
Since commit v1.42.12-1-g8a546777119c, the check for in-inode
xattrs in internal_dump_inode_extra() has been incorrectly checking
the value size. The value can go right to the end of the inode.
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
---
debugfs/debugfs.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/debugfs/debugfs.c b/debugfs/debugfs.c
index 260698c..329451c 100644
--- a/debugfs/debugfs.c
+++ b/debugfs/debugfs.c
@@ -557,9 +557,11 @@ static void internal_dump_inode_extra(FILE *out,
char *value = start + entry->e_value_offs;
if (name + entry->e_name_len >= end ||
- value + entry->e_value_size >= end ||
- (char *) next >= end) {
- fprintf(out, "invalid EA entry in inode\n");
+ value + entry->e_value_size > end ||
+ (char *)next >= end) {
+ fprintf(out, "invalid EA entry in inode: "
+ "name_len=%u value_size=%u\n",
+ entry->e_name_len, entry->e_value_size);
return;
}
fprintf(out, " ");
--
2.4.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] debugfs: fix check for out-of-bound xattr value
2016-08-09 20:42 [PATCH] debugfs: fix check for out-of-bound xattr value Andreas Dilger
@ 2016-08-10 22:02 ` Theodore Ts'o
0 siblings, 0 replies; 2+ messages in thread
From: Theodore Ts'o @ 2016-08-10 22:02 UTC (permalink / raw)
To: Andreas Dilger; +Cc: linux-ext4
On Tue, Aug 09, 2016 at 02:42:51PM -0600, Andreas Dilger wrote:
> Since commit v1.42.12-1-g8a546777119c, the check for in-inode
> xattrs in internal_dump_inode_extra() has been incorrectly checking
> the value size. The value can go right to the end of the inode.
>
> Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
This looks like it's another 1.42 related patch. I wasn't planning on
putting out another 1.42 maintenance branch, mainly because I just
don't have the time. So what I've been doing is trying to see if
fixes can apply to the maint branch --- and if they can, I'll apply
them there and then merge them into the next / master branches.
But for patches where the code in question has changed radically
between 1.42 and 1.43, I haven't been bothering to try to apply them
into the maint branch, mainly because that just causes patch conflicts
lately.
I'm planning on retiring the 1.42 maint branch, and merging the maint
branch to 1.43, probably after 1.43.2, and then we can start using
putting more development related changes to the master/next branches.
Any objections to that plan? Is there anyone who needs a 1.42 based
maintenance branch for some reason?
- Ted
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-08-10 22:02 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-09 20:42 [PATCH] debugfs: fix check for out-of-bound xattr value Andreas Dilger
2016-08-10 22:02 ` Theodore Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).