Re: [PATCH] jffs2: add additinal sanity check for jffs2_acl_from_medium()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am Montag, 3. September 2018, 15:28:31 CEST schrieb cgxu519:
> On 09/03/2018 04:45 PM, Richard Weinberger wrote:
> > On Sun, Sep 2, 2018 at 5:45 PM Chengguang Xu <cgxu519@xxxxxxx> wrote:
> >> In the case ACL_USER and ACL_GROUP we check if value has exceeded end,
> >> add same check in the case ACL_OTHER as well.
> > Did you hit a problem in that area or was this found by review?
> >  From looking at the code I'd say it is fine as is.
> > In the ACL_MASK/_OTHER case we don't look into the entry object like
> > ACL_USER/_GROUP
> > do, we immediately break the switch and run another round in the for loop.
> > And here we do:
> >                  entry = value;
> >                  if (value + sizeof(struct jffs2_acl_entry_short) > end)
> >                          goto fail;
> >
> > Which is what your additional check does. So, we'd check twice.
> > What do I miss?
> 
> You are right, it is actually not needed. Sorry, please just drop the patch.

No problem, that's why we have a review process. :-)

Thanks,
//richard




______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux