From patchwork Mon Dec 6 13:32:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 12658463 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5AEFAC433F5 for ; Mon, 6 Dec 2021 13:37:08 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.238949.414159 (Exim 4.92) (envelope-from ) id 1muEAu-0007qm-6J; Mon, 06 Dec 2021 13:37:00 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 238949.414159; Mon, 06 Dec 2021 13:37:00 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1muEAu-0007qc-13; Mon, 06 Dec 2021 13:37:00 +0000 Received: by outflank-mailman (input) for mailman id 238949; Mon, 06 Dec 2021 13:36:59 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1muE6T-0001ky-UY for xen-devel@lists.xenproject.org; Mon, 06 Dec 2021 13:32:26 +0000 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.111.102]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id f2d0088e-5698-11ec-a5e1-b9374ead2679; Mon, 06 Dec 2021 14:32:25 +0100 (CET) Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2113.outbound.protection.outlook.com [104.47.17.113]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-34-IiH8PSerNzGGjue-maWf6A-1; Mon, 06 Dec 2021 14:32:24 +0100 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) by VI1PR04MB2957.eurprd04.prod.outlook.com (2603:10a6:802:4::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.16; Mon, 6 Dec 2021 13:32:22 +0000 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe]) by VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe%6]) with mapi id 15.20.4755.021; Mon, 6 Dec 2021 13:32:22 +0000 Received: from [10.156.60.236] (37.24.206.209) by AM6P191CA0100.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:8a::41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.17 via Frontend Transport; Mon, 6 Dec 2021 13:32:22 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: f2d0088e-5698-11ec-a5e1-b9374ead2679 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1638797544; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rp6zR0202WWrjoyuiwHgeOxRqJmRNX0SFCkPJp8UDMs=; b=dmYFzTBvg4ds7ZOFlatT3jDKJbz4O+EzSgGauo3q+KTQK7KgYX4tdtNMEL4vsEhHeo78Do ce00qfnveTJNBX4g6x9hQ+Zx0ppASMULAxX4HOFlMpyzTJUfyFiOD5sFHpk+KISe1z3EZf CZOPj76iaILD66OzIbx1ftIcbjqhitE= X-MC-Unique: IiH8PSerNzGGjue-maWf6A-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WM6/Gv1euXEQC3S54uNn4M0kDCP+s0AqBUCGE6Ko5N7MGraL90j1ue5dVESzCCe8ZoDK9wQakA0bNSWF0xrHdIiDskXWxbXIwa6EY0ndEHVCOvG+KcaSam6lUSWisgGLP77vMEUNqKQhByl3US+rh/XnDp6DOM1OCRmySkZd5Gc1FYSXltHGo5We3eoaLFCqUBAEB5SgyRTTN7dz+2OobYM0x8MePygaEZSPRyTee/adk0PrhYM9RnyMKYwxoPMRIisNrJJUOtqNogKleeAAlIRWRoDvKsXksawOzEuvb/O85lIE1CzGha65Jp8WeyKRJmXM8+MHzosFFsOdCIhc0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rp6zR0202WWrjoyuiwHgeOxRqJmRNX0SFCkPJp8UDMs=; b=cnGyLezyYcbt4BtrTRTBRbqLC305q3EP0ZTRN486klPyofKBrE9o0cvMXym8XJqG3AR3te3e+MMTIWLLqtZSsD6jhfWUDRqgnBMlBjQDzIokHJU7QpU88xauZjGod2YdZRnxmVAdHaV0Rr/IIyav6z+rrtIGiRDoPDUp+0whPK0kZKNALpPu22vA2Kn6ZVmZLaVKppNMMbJazsSdxtoIvOfwNh2QwZ+PHPylmFOh6GnTzaD7YwGpX8abe3+uW1lKNsvSghht/d/iBDYBjnoNecpz4pIdSBKDCfqACKmfJFUw9K7TVd7EYlRrUC0SnMLEp5U+/TqXC7zfagZFsGbQeg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: <4c2e3dca-2fe3-704e-4bc2-c3da16d33aec@suse.com> Date: Mon, 6 Dec 2021 14:32:21 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.3.2 Subject: [PATCH v2 5/7] xz: validate the value before assigning it to an enum variable Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , George Dunlap , Ian Jackson , Julien Grall , Stefano Stabellini , Wei Liu References: In-Reply-To: X-ClientProxiedBy: AM6P191CA0100.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:8a::41) To VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: fb53db07-1a1a-4e13-e593-08d9b8bcd585 X-MS-TrafficTypeDiagnostic: VI1PR04MB2957:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4502; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jn8M1/oXROoBjORD06mcs5F1su68MGL91wNnu33WtmBcG8CYBoB08pjmgdWaOLmqrXR60J0bDS+T6Kamj6Yqp/rvL50fYRmzl7MOc2vCRIX5U2/to69WxkgZ5HeAMw/az9tkZWShX+ftJ9yvKh2nM9KdM3KwXY33A2GlvT3pDJYy/sUA5Out3zZ5Vm0WVdqdwgd3AduK8mfoUEHP3Mp2a38R63aMOliMsw4PhwkDe81ekblvLO+iXyva5h+vcWiEwoN7UZHlAWTQMJDBKkKlnS5jtcxpM0i8KnFdki9vkUpp6qlAKtCLKTpFyWZFidy11fI96pcg4b9pNdL/qEh7i6ncQzRn3b5xVWiM33kkbV5MD5KPlJLf/9GgfRqa2oRevTlWpkcUTWnvT8q8APBdGXFE2EIr9RFSYn6bm5EASOADeDeunmj2dLG4JCE5xUTcc+XUwCX99eB6IiPMaUpo96rTPmoK+fwVsHXyN1XTI+8FaB7Du4IVQ/Ps9nmhFJ9dQOPfoqw+M8c+07vasCJCOEBmfhBKueyZ4QOpn+aG+1AViJfvJCFmp5EgMzS4/P8TGbX36Wlb+X8dA3sJodPNZlAXXEUaDLY8UUgYXGdBP71pIgiMn/ZnhiOSCX2C7v85VS1wdQtnJhdwN40McQURumwAOEjoFE0nFFu+bxr/Wk+yC1xtQS5SZ+UvxUpFwvqk6i5erUaq1WqySBXKtRRW0RCtkScTf5zeUbVa+oQcKUgvsnKlMVEXC6gtAqs0RHfBOQ48qxrhygWTPz8SXPxVkeUnpoay8xYAbdla2ruPZr3sh4KpFVB9srNYsaquLmFM X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR04MB5600.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(316002)(8676002)(36756003)(83380400001)(31696002)(16576012)(6916009)(54906003)(5660300002)(15650500001)(956004)(966005)(2616005)(2906002)(508600001)(4326008)(31686004)(86362001)(6486002)(26005)(8936002)(186003)(66946007)(38100700002)(66476007)(66556008)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?rS6cTmaFvv6o/ZCvN4sFyr/CujRk?= =?utf-8?q?aRfN/+ROC22Kxj3RxNrI9QlV3bVd2LVz5ziU+4/VTy32a5NUFoJ2sx0Jcy2hBtalB?= =?utf-8?q?YtLJx/t9d+RQRPL6RYDo81SjqCxCkBtNwHGq/2AcsstAM9f4qpKJ++NnAAGk5adfY?= =?utf-8?q?m38N8HNyJFVnN2zClIP23jgnT5OTpQ5r2NACHXzJ4KlkmThbGsWO1Mgnwds5p6KDH?= =?utf-8?q?+XQIz3YsGDbs+6HDFAjMeLdEAmb3juMFeHy4kHLCj/Csxmvz4oc+YwGLZCdSc8Xuk?= =?utf-8?q?B6+8k2NJ/OUrukXuq+FiaCLwdUH71FOfmZOHvIEuYErjH9cCYaFS+MEsDx+tGdzwL?= =?utf-8?q?6RtiTj8XwbjKscISENf/IFUxNp8gniZMSFflSo6Kr3xEzUfpWq69km7yHxF11G8bO?= =?utf-8?q?k/mfb3DG1gh+ahiSH2ZlUzLumiQK6rnOXCR9JDW5Cx4z4Gw7PRPiG0ztyUlLOGk/k?= =?utf-8?q?tRYhJoA223JWV8vh4RkV3FjhGBMWZpodYw9IMgnH2cyMpJlhdAA9RFWYiBYn5ipYx?= =?utf-8?q?5aLRcoCFr2Zb+x79+BdiDrYVd7Jiyj0uvH/NsYrqA6qPe1zoCbtYIGl9cYALhTtaa?= =?utf-8?q?8DCzlqsIdNLXUIgbSvHXe9zYaC8m3CmR4mB4rsEtYmNEddPGEmYV3q0dtHO/91Keh?= =?utf-8?q?WoXijT0gCEukmH0iVOZdjDIDhjQgmaGO72YwMeDE1HMuEKqtSWSKoSaU+O1IfYn2C?= =?utf-8?q?KB1k9ER8YdgYHKsmDvzjYgkO6UETeFkH5k+1MKB/06+UxnK9zW637loOfkgh8w4Jq?= =?utf-8?q?6iMfMRVskyULHaRvt03nqZSXAhA1p6Yi8AwLBrTuhqY931AC/rPizZYDa/MNtdbQ8?= =?utf-8?q?JmXTS2d8dMBMOvLjda++3Pwc6GyBbO/nW5iG8EqslOcx5B9rnFhdfKdOfPQMOrd/N?= =?utf-8?q?tTKZdegJkXWN3W+SkiSTK4ChcgLic8dJarqxYf8FUGZDagOORDw8SZcR1pVOM3BXN?= =?utf-8?q?6aAr8hlZjtf4tIhAxoJzfnajQtMFECq84K7y9YgMYxJR8cHrvIEbApIAz1bmDmITv?= =?utf-8?q?RghE6zBByq7MB3fdUz2/Wj3kAb9qUarJQYelUNA3HmHQhxqnol30Nd6tDY+g95T97?= =?utf-8?q?/3dx2mSsNymvLagRlrULhhUGnwGxRGwwLGl/wbo60OkFKypEb7RCiep9A9gtL349y?= =?utf-8?q?0hmzDVDUTjFu2ym8jE4VET/V6GYxCK6pNIfAZj8+qPad8svOLFjTMX9xMtIRmIMf2?= =?utf-8?q?JuOet2MCfpxqm8Y1aOU94m/l7y1fkX48ShbpjmeLopK0BgiJaibQZbtXw+T4MZEBH?= =?utf-8?q?+dErhxvEJW4KT1x0kTn3yMZsliDrbtgkb6cIEUqbNiXn5+XLBsjnpcFKoOS+RRnD7?= =?utf-8?q?mLG/4uEsATlay0FpSIa+RpKDBjm1YW1wpeP2ccLaHcjf5Ot7KYaIQ1sxLHA+mcSns?= =?utf-8?q?mEILhKCJy1twY8Psm34QJgKH5yX6pKBesBaZJKq27oc+S6QOYmaEjYmpoYuQbq5G4?= =?utf-8?q?076Aj/2O5vkQWFLEUXy/KV/Ef30x+9js5Jl54VfFXOXCdaPb7gvtmRE6sFVp3Unf2?= =?utf-8?q?RbY2DD/e8q/TpuFUahGIcHe7gfvGZyrQfDdit8cov0RyYKZgg+JPt0Q=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: fb53db07-1a1a-4e13-e593-08d9b8bcd585 X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB5600.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Dec 2021 13:32:22.6569 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ZHdtlcUZi4SUblvqOdliMZdFEI4DvBVzzPUb8Vbj9EPsImgOUBIhfoAdWntGcQO9Int+eqdDdCpecz/6xC/51Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB2957 From: Lasse Collin This might matter, for example, if the underlying type of enum xz_check was a signed char. In such a case the validation wouldn't have caught an unsupported header. I don't know if this problem can occur in the kernel on any arch but it's still good to fix it because some people might copy the XZ code to their own projects from Linux instead of the upstream XZ Embedded repository. This change may increase the code size by a few bytes. An alternative would have been to use an unsigned int instead of enum xz_check but using an enumeration looks cleaner. Link: https://lore.kernel.org/r/20211010213145.17462-3-xiang@kernel.org Signed-off-by: Lasse Collin Signed-off-by: Gao Xiang [Linux commit: 4f8d7abaa413c34da9d751289849dbfb7c977d05] Signed-off-by: Jan Beulich Reviewed-by: Luca Fancellu --- v2: Retain one more S-o-b. --- a/xen/common/xz/dec_stream.c +++ b/xen/common/xz/dec_stream.c @@ -402,12 +402,12 @@ static enum xz_ret __init dec_stream_hea * we will accept other check types too, but then the check won't * be verified and a warning (XZ_UNSUPPORTED_CHECK) will be given. */ + if (s->temp.buf[HEADER_MAGIC_SIZE + 1] > XZ_CHECK_MAX) + return XZ_OPTIONS_ERROR; + s->check_type = s->temp.buf[HEADER_MAGIC_SIZE + 1]; #ifdef XZ_DEC_ANY_CHECK - if (s->check_type > XZ_CHECK_MAX) - return XZ_OPTIONS_ERROR; - if (s->check_type > XZ_CHECK_CRC32) return XZ_UNSUPPORTED_CHECK; #else