xfs
[Top] [All Lists]

Re: [PATCH 2/4] xfs: validate untrusted inode numbers during lookup

To: Dave Chinner <david@xxxxxxxxxxxxx>
Subject: Re: [PATCH 2/4] xfs: validate untrusted inode numbers during lookup
From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date: Fri, 18 Jun 2010 07:41:56 -0400
Cc: xfs@xxxxxxxxxxx, security@xxxxxxxxxx
In-reply-to: <1276846374-23916-3-git-send-email-david@xxxxxxxxxxxxx>
References: <1276846374-23916-1-git-send-email-david@xxxxxxxxxxxxx> <1276846374-23916-3-git-send-email-david@xxxxxxxxxxxxx>
User-agent: Mutt/1.5.20 (2009-08-17)
On Fri, Jun 18, 2010 at 05:32:52PM +1000, Dave Chinner wrote:
> +static int
> +xfs_imap_lookup(

STATIC to keep the gcc inliner from overdoing thing?

> +     xfs_mount_t     *mp,
> +     xfs_trans_t     *tp,

> +{
> +     xfs_inobt_rec_incore_t rec;
> +     xfs_btree_cur_t *cur;
> +     xfs_buf_t       *agbp;

Please use the struct versions of these instead of the typedefs.

> +#ifdef DEBUG
> +             xfs_fs_cmn_err(CE_ALERT, mp, "xfs_imap: "
> +                             "xfs_inobt_get_rec() failed");
> +#endif /* DEBUG */
> +             error = XFS_ERROR(EINVAL);

No need to print these even for debug kernels I think.  And even then
we shouldn't do it if the untrusted flag is set.

> +     }
> +error0:

I'd just call it out, or replace the goto by and if/else

<Prev in Thread] Current Thread [Next in Thread>