| Message ID | 20220311041505.160241-1-xiubli@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ceph: fix base64 encoded name's length check in ceph_fname_to_usr() | expand |
On Fri, 2022-03-11 at 12:15 +0800, xiubli@redhat.com wrote: > From: Xiubo Li <xiubli@redhat.com> > > The fname->name is based64_encoded names and the max long shouldn't > exceed the NAME_MAX. > > The FSCRYPT_BASE64URL_CHARS(NAME_MAX) will be 255 * 4 / 3. > > Signed-off-by: Xiubo Li <xiubli@redhat.com> > --- > > Note: > > This patch is bansed on the wip-fscrpt branch in ceph-client repo. > > > fs/ceph/crypto.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c > index 5a87e7385d3f..560481b6c964 100644 > --- a/fs/ceph/crypto.c > +++ b/fs/ceph/crypto.c > @@ -205,7 +205,7 @@ int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname, > } > > /* Sanity check that the resulting name will fit in the buffer */ > - if (fname->name_len > FSCRYPT_BASE64URL_CHARS(NAME_MAX)) > + if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX) > return -EIO; > > ret = __fscrypt_prepare_readdir(fname->dir); Thanks, Xiubo. Merged into wip-fscrypt branch. For now I've left this as a separate patch, but I may squash it into the patch that adds ceph_fname_to_usr eventually.
On 3/12/22 1:14 AM, Jeff Layton wrote: > On Fri, 2022-03-11 at 12:15 +0800, xiubli@redhat.com wrote: >> From: Xiubo Li <xiubli@redhat.com> >> >> The fname->name is based64_encoded names and the max long shouldn't >> exceed the NAME_MAX. >> >> The FSCRYPT_BASE64URL_CHARS(NAME_MAX) will be 255 * 4 / 3. >> >> Signed-off-by: Xiubo Li <xiubli@redhat.com> >> --- >> >> Note: >> >> This patch is bansed on the wip-fscrpt branch in ceph-client repo. >> >> >> fs/ceph/crypto.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c >> index 5a87e7385d3f..560481b6c964 100644 >> --- a/fs/ceph/crypto.c >> +++ b/fs/ceph/crypto.c >> @@ -205,7 +205,7 @@ int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname, >> } >> >> /* Sanity check that the resulting name will fit in the buffer */ >> - if (fname->name_len > FSCRYPT_BASE64URL_CHARS(NAME_MAX)) >> + if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX) >> return -EIO; >> >> ret = __fscrypt_prepare_readdir(fname->dir); > Thanks, Xiubo. Merged into wip-fscrypt branch. For now I've left this as > a separate patch, but I may squash it into the patch that adds > ceph_fname_to_usr eventually. > Yeah, sure. Maybe just as one separate patch to help other to understand the code here ? Thanks Jeff. - Xiubo
diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c index 5a87e7385d3f..560481b6c964 100644 --- a/fs/ceph/crypto.c +++ b/fs/ceph/crypto.c @@ -205,7 +205,7 @@ int ceph_fname_to_usr(const struct ceph_fname *fname, struct fscrypt_str *tname, } /* Sanity check that the resulting name will fit in the buffer */ - if (fname->name_len > FSCRYPT_BASE64URL_CHARS(NAME_MAX)) + if (fname->name_len > NAME_MAX || fname->ctext_len > NAME_MAX) return -EIO; ret = __fscrypt_prepare_readdir(fname->dir);