Re: [PATCH v2] fs/ceph/file: fix buffer overflow in __ceph_sync_read()

From: Max Kellermann
Date: Wed Nov 27 2024 - 16:06:57 EST

Next message: Kent Overstreet: "Re: bcachefs: suspicious mm pointer in struct dio_write"
Previous message: John Johansen: "[GIT PULL] AppArmor updates for 6.13"
In reply to: Alex Markuze: "Re: [PATCH v2] fs/ceph/file: fix buffer overflow in __ceph_sync_read()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 27, 2024 at 9:57 PM Alex Markuze <amarkuze@xxxxxxxxxx> wrote:
> You are correct, that is why I'm testing a patch that deals with all
> cases where i_size < offset.

I don't like that patch because it looks complicated; it obscures the
problem and it runs a bunch of code (fscrypt, zero_page_vector) before
noticing the problem. My patch is simple and breaks the loop as soon
as the new size is known.

But I found a bug in my patch: I forgot to call
ceph_osdc_put_request(). And while looking at it, I found another
(old) leak bug. I'll post two new patches.

(I'm trying hard to suppress a rant about C, after fixing several
other Ceph leak bugs this week that caused server outages over here.)

Next message: Kent Overstreet: "Re: bcachefs: suspicious mm pointer in struct dio_write"
Previous message: John Johansen: "[GIT PULL] AppArmor updates for 6.13"
In reply to: Alex Markuze: "Re: [PATCH v2] fs/ceph/file: fix buffer overflow in __ceph_sync_read()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]