From: Alexander Aring <aahringo@redhat.com>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [PATCHv4 dlm/next 20/20] fs: dlm: check for invalid namelen
Date: Mon, 11 Jan 2021 13:03:10 -0500 [thread overview]
Message-ID: <20210111180310.122451-21-aahringo@redhat.com> (raw)
In-Reply-To: <20210111180310.122451-1-aahringo@redhat.com>
This patch adds an additional check inside the dlm locking from user space
functionality that the namelen isn't above the maximum allowed dlm
resource name length. If the namelen is above the maximum allowed we
have a invalid state and out of buffer access can occur. Cut off the
namelen attribute to maximum size is not an option because we might run
into name conflicts and the user should be get aware of that.
Signed-off-by: Alexander Aring <aahringo@redhat.com>
---
fs/dlm/user.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/dlm/user.c b/fs/dlm/user.c
index e5cefa90b1ce..9f2f743eeb31 100644
--- a/fs/dlm/user.c
+++ b/fs/dlm/user.c
@@ -241,6 +241,9 @@ static int device_user_lock(struct dlm_user_proc *proc,
uint32_t lkid;
int error = -ENOMEM;
+ if (params->namelen > DLM_RESNAME_MAXLEN)
+ return -EINVAL;
+
ls = dlm_find_lockspace_local(proc->lockspace);
if (!ls)
return -ENOENT;
--
2.26.2
prev parent reply other threads:[~2021-01-11 18:03 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-11 18:02 [Cluster-devel] [PATCHv4 dlm/next 00/20] fs: dlm: introduce dlm re-transmission layer Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 01/20] fs: dlm: set connected bit after accept Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 02/20] fs: dlm: set subclass for othercon sock_mutex Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 03/20] fs: dlm: add errno handling to check callback Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 04/20] fs: dlm: add check if dlm is currently running Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 05/20] fs: dlm: change allocation limits Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 06/20] fs: dlm: public header in out utility Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 07/20] fs: dlm: use GFP_ZERO for page buffer Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 08/20] fs: dlm: simplify writequeue handling Alexander Aring
2021-01-11 18:02 ` [Cluster-devel] [PATCHv4 dlm/next 09/20] fs: dlm: add more midcomms hooks Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 10/20] fs: dlm: make buffer handling per msg Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 11/20] fs: dlm: make new buffer handling softirq ready Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 12/20] fs: dlm: add functionality to re-transmit a message Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 13/20] fs: dlm: move out some hash functionality Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 14/20] fs: dlm: remove unaligned memory access handling Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 15/20] fs: dlm: add union in dlm header for lockspace id Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 16/20] fs: dlm: add per node receive flush Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 17/20] fs: dlm: add reliable connection if reconnect Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 18/20] fs: dlm: don't allow half transmitted messages Alexander Aring
2021-01-11 18:03 ` [Cluster-devel] [PATCHv4 dlm/next 19/20] fs: dlm: remove obsolete code and comment Alexander Aring
2021-01-11 18:03 ` Alexander Aring [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210111180310.122451-21-aahringo@redhat.com \
--to=aahringo@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.