[PATCH 14/14] xfs: Validate the length of on-disk ACLs

To:	xfs@xxxxxxxxxxx
Subject:	[PATCH 14/14] xfs: Validate the length of on-disk ACLs
From:	Dave Chinner <david@xxxxxxxxxxxxx>
Date:	Mon, 15 Feb 2016 17:18:25 +1100
Delivered-to:	xfs@xxxxxxxxxxx
In-reply-to:	<1455517105-20033-1-git-send-email-david@xxxxxxxxxxxxx>
References:	<1455517105-20033-1-git-send-email-david@xxxxxxxxxxxxx>

From: Andreas Gruenbacher <agruenba@xxxxxxxxxx>

Source kernel commit 86a21c79745ca97676cbd47f8608839382cc0448

In xfs_acl_from_disk, instead of trusting that xfs_acl.acl_cnt is correct,
make sure that the length of the attributes is correct as well.  Also, turn
the aclp parameter into a const pointer.

Signed-off-by: Andreas Gruenbacher <agruenba@xxxxxxxxxx>
Reviewed-by: Dave Chinner <dchinner@xxxxxxxxxx>
Signed-off-by: Dave Chinner <david@xxxxxxxxxxxxx>
---
 libxfs/xfs_format.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/libxfs/xfs_format.h b/libxfs/xfs_format.h
index 7eae0a5..f89b6e0 100644
--- a/libxfs/xfs_format.h
+++ b/libxfs/xfs_format.h
@@ -1502,9 +1502,13 @@ struct xfs_acl {
                                                sizeof(struct xfs_acl_entry) \
                : 25)
 
-#define XFS_ACL_MAX_SIZE(mp) \
+#define XFS_ACL_SIZE(cnt) \
        (sizeof(struct xfs_acl) + \
-               sizeof(struct xfs_acl_entry) * XFS_ACL_MAX_ENTRIES((mp)))
+               sizeof(struct xfs_acl_entry) * cnt)
+
+#define XFS_ACL_MAX_SIZE(mp) \
+       XFS_ACL_SIZE(XFS_ACL_MAX_ENTRIES((mp)))
+
 
 /* On-disk XFS extended attribute names */
 #define SGI_ACL_FILE           "SGI_ACL_FILE"
-- 
2.5.0

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH 0/14] xfsprogs: kernel libxfs sync up to 4.5-rc2, Dave Chinner [PATCH 02/14] xfs: add missing bmap cancel calls in error paths, Dave Chinner [PATCH 07/14] xfs: bmapbt checking on debug kernels too expensive, Dave Chinner [PATCH 01/14] libxfs: Optimize the loop for xfs_bitmap_empty, Dave Chinner [PATCH 11/14] xfs: swap leaf buffer into path struct atomically during path shift, Dave Chinner [PATCH 04/14] xfs: per-filesystem stats counter implementation, Dave Chinner [PATCH 03/14] xfs: log local to remote symlink conversions correctly on v5 supers, Dave Chinner [PATCH 14/14] xfs: Validate the length of on-disk ACLs, Dave Chinner <= [PATCH 12/14] libxfs: fix two comment typos, Dave Chinner [PATCH 06/14] xfs: get mp from bma->ip in xfs_bmap code, Dave Chinner [PATCH 13/14] xfs: stop holding ILOCK over filldir callbacks, Dave Chinner [PATCH 10/14] xfs: handle dquot buffer readahead in log recovery correctly, Dave Chinner Re: [PATCH 10/14] xfs: handle dquot buffer readahead in log recovery correctly, Brian Foster [PATCH 09/14] xfs: inode recovery readahead can race with inode buffer creation, Dave Chinner [PATCH 05/14] xfs: introduce BMAPI_ZERO for allocating zeroed extents, Dave Chinner Re: [PATCH 05/14] xfs: introduce BMAPI_ZERO for allocating zeroed extents, Brian Foster [PATCH 08/14] xfs: eliminate committed arg from xfs_bmap_finish, Dave Chinner Re: [PATCH 0/14] xfsprogs: kernel libxfs sync up to 4.5-rc2, Brian Foster

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[PATCH 03/14] xfs: log local to remote symlink conversions correctly on v5 supers, Dave Chinner
Next by Date:	[PATCH 12/14] libxfs: fix two comment typos, Dave Chinner
Previous by Thread:	[PATCH 03/14] xfs: log local to remote symlink conversions correctly on v5 supers, Dave Chinner
Next by Thread:	[PATCH 12/14] libxfs: fix two comment typos, Dave Chinner
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[PATCH 03/14] xfs: log local to remote symlink conversions correctly on v5 supers, Dave Chinner

Next by Date:

[PATCH 12/14] libxfs: fix two comment typos, Dave Chinner

Previous by Thread:

[PATCH 03/14] xfs: log local to remote symlink conversions correctly on v5 supers, Dave Chinner

Next by Thread:

[PATCH 12/14] libxfs: fix two comment typos, Dave Chinner

Indexes:

[Date] [Thread] [Top] [All Lists]