From: Kari Argillander <kari.argillander@gmail.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>,
ntfs3@lists.linux.dev, linux-kernel@vger.kernel.org,
kernel-janitors@vger.kernel.org
Subject: Re: [PATCH] fs/ntfs3: fix an error code in ntfs_get_acl_ex()
Date: Tue, 24 Aug 2021 19:38:51 +0300 [thread overview]
Message-ID: <20210824163851.hfbjqqpztgk4ngd5@kari-VirtualBox> (raw)
In-Reply-To: <20210824114858.GH31143@kili>
On Tue, Aug 24, 2021 at 02:48:58PM +0300, Dan Carpenter wrote:
> The ntfs_get_ea() function returns negative error codes or on success
Not reletad to this patch but ntfs_get_wsl_perm() seems quite bug
because in there ntfs_get_ea use is not checked at all.
Also ntfs_getxattr() should probably send errno if ntfs_get_ea() is 0.
> it returns the length. In the original code a zero length return was
> treated as -ENODATA and results in a NULL return. But it should be
> treated as an invalid length and result in an PTR_ERR(-EINVAL) return.
>
> Fixes: be71b5cba2e6 ("fs/ntfs3: Add attrib operations")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> I'm not super familiar with this code. Please review this one
> extra carefully. I think it's theoretical because hopefully
> ntfs_get_ea() doesn't ever return invalid lengths.
ntfs_get_ea() will return 0 if no info and this can happend quite
easily in my eyes.
Here's snippets
ntfs_read_ea()
{
attr_info =
ni_find_attr(ni, NULL, &le, ATTR_EA_INFO, NULL, 0, NULL, NULL);
attr_ea =
ni_find_attr(ni, attr_info, &le, ATTR_EA, NULL, 0, NULL, NULL);
if (!attr_ea || !attr_info)
return 0;
}
ntfs_get_ea()
{
len = 0;
err = ntfs_read_ea(ni, &ea_all, 0, &info);
if (err)
goto out;
if (!info)
goto out;
out:
return err ? err : len;
}
>
> fs/ntfs3/xattr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ntfs3/xattr.c b/fs/ntfs3/xattr.c
> index 9239c388050e..e8ed38d0c4c9 100644
> --- a/fs/ntfs3/xattr.c
> +++ b/fs/ntfs3/xattr.c
> @@ -521,7 +521,7 @@ static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns,
> ni_unlock(ni);
>
> /* Translate extended attribute to acl */
> - if (err > 0) {
> + if (err >= 0) {
So now if err (size) is 0 it will try to get acl. Didn't you just say
that you want to return PTR_ERR(-EINVAL)?
So overall good finding but maybe more work is needed with this one.
> acl = posix_acl_from_xattr(mnt_userns, buf, err);
> if (!IS_ERR(acl))
> set_cached_acl(inode, type, acl);
> --
> 2.20.1
>
>
next prev parent reply other threads:[~2021-08-24 16:38 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-24 11:48 [PATCH] fs/ntfs3: fix an error code in ntfs_get_acl_ex() Dan Carpenter
2021-08-24 16:38 ` Kari Argillander [this message]
2021-08-24 17:07 ` Dan Carpenter
2021-08-27 17:17 ` Konstantin Komarov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210824163851.hfbjqqpztgk4ngd5@kari-VirtualBox \
--to=kari.argillander@gmail.com \
--cc=almaz.alexandrovich@paragon-software.com \
--cc=dan.carpenter@oracle.com \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ntfs3@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).