RE: [PATCH] isofs: fix undefined behavior in iso_date()

From: David Laight
Date: Thu Jul 13 2023 - 10:11:13 EST

Next message: kernel test robot: "[linus:master] [iomap] 219580eea1: ltp.writev07.fail"
Previous message: Aleksa Sarai: "[PATCH v2] procfs: block chmod on /proc/thread-self/comm"
In reply to: Dan Carpenter: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Next in thread: Dan Carpenter: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dan Carpenter
> Sent: 10 July 2023 10:57
>
> It looks like maybe there is an issue with "year" as well.
>
> fs/isofs/util.c
> 19 int iso_date(u8 *p, int flag)
> 20 {
> 21 int year, month, day, hour, minute, second, tz;
> 22 int crtime;
> 23
> 24 year = p[0];
> ^^^^^
> year is 0-255.
....
> 32
> 33 if (year < 0) {
> ^^^^^^^^
> But this checks year for < 0 which is impossible. Should it be:
>
> year = (signed char)p[0];?

Or not?

What happens in 2027 ?
I bet the value has to be treated an unsigned.

>
> 34 crtime = 0;
> 35 } else {
> 36 crtime = mktime64(year+1900, month, day, hour, minute, second);
> 37
> 38 /* sign extend */
> 39 if (tz & 0x80)
> 40 tz |= (-1 << 8);

Just change the definition of tz from 'int' to 's8'
and it will all happen 'by magic'.

David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Next message: kernel test robot: "[linus:master] [iomap] 219580eea1: ltp.writev07.fail"
Previous message: Aleksa Sarai: "[PATCH v2] procfs: block chmod on /proc/thread-self/comm"
In reply to: Dan Carpenter: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Next in thread: Dan Carpenter: "Re: [PATCH] isofs: fix undefined behavior in iso_date()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]