From: "Savva Mitrofanov" <savvamtr@gmail.com>
To: Pedro Falcato <pedro.falcato@gmail.com>
Cc: devel@edk2.groups.io, mhaeuser@posteo.de,
"Виталий Юрьевич Чепцов" <vit9696@protonmail.com>
Subject: Re: [edk2-platforms][PATCH v1 00/12] Ext4Pkg: Code correctness and security improvements
Date: Mon, 12 Dec 2022 20:40:47 +0600 [thread overview]
Message-ID: <F13A5C92-619C-4158-B608-3F89A10B06E1@gmail.com> (raw)
In-Reply-To: <CAKbZUD3Dm2Ar2JqmSJ068Gi2GAgKPFUnNYAhGHgFyVX=27vBpQ@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2244 bytes --]
Hi!
Thanks for your review, I did changes in my branch of edk2-platforms and will send corrected patchset soon.
Best regards,
Savva Mitrofanov
> On 10 Dec 2022, at 04:28, Pedro Falcato <pedro.falcato@gmail.com> wrote:
>
> On Fri, Dec 9, 2022 at 4:11 PM Savva Mitrofanov <savvamtr@gmail.com <mailto:savvamtr@gmail.com>> wrote:
> Hi all,
>
> This patchset fixes several code problems found by fuzzing Ext4Dxe like
> buffer and integer overflows, memory leaks, logic bugs and so on.
>
> REF: https://github.com/savvamitrofanov/edk2-platforms/tree/master <https://github.com/savvamitrofanov/edk2-platforms/tree/master>
>
> Cc: Marvin Häuser <mhaeuser@posteo.de <mailto:mhaeuser@posteo.de>>
> Cc: Pedro Falcato <pedro.falcato@gmail.com <mailto:pedro.falcato@gmail.com>>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com <mailto:vit9696@protonmail.com>>
>
> Savva Mitrofanov (12):
> Ext4Pkg: Fix memory leak in Ext4RetrieveDirent
> Ext4Pkg: Move EXT4_NAME_MAX definition to Ext4Disk.h
> Ext4Pkg: Fix global buffer overflow in Ext4ReadDir
> Ext4Pkg: Fix incorrect checksum metadata feature check
> Ext4Pkg: Fix division by zero by adding check for s_inodes_per_group
> Ext4Pkg: Add comparison between Position and FileSize in
> Ext4SetPosition
> Ext4Pkg: Add inode number validity check
> Ext4Pkg: Fix shift out of bounds in Ext4OpenSuperblock
> Ext4Pkg: Correct integer overflow check on multiplication in DiskUtil
> Ext4Pkg: Check that source file is directory in Ext4OpenInternal
> Ext4Pkg: Check VolumeName allocation correctness in Ext4GetVolumeName
> Ext4Pkg: Add missing exit Status in Ext4OpenDirent
>
> Hi!
>
> Thanks for the patches (and the fuzzing!). They all mostly lgtm, just some small nits. Please fix them so I can test and merge.
>
> Also, could you add a Fixes tag to each patch (like in the LKML and elsewhere in OVMF) so we can more easily track what each patch fixes? Using something simple like the oldest git blame of what you're fixing should be enough in this case, no need for git bisect. I just want to establish a good, clean track record here for me and for downstream users to better know what they need to pick up!
>
> Thanks,
> Pedro
[-- Attachment #2: Type: text/html, Size: 3841 bytes --]
prev parent reply other threads:[~2022-12-12 14:40 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-09 16:10 [edk2-platforms][PATCH v1 00/12] Ext4Pkg: Code correctness and security improvements Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 01/12] Ext4Pkg: Fix memory leak in Ext4RetrieveDirent Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 02/12] Ext4Pkg: Move EXT4_NAME_MAX definition to Ext4Disk.h Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 03/12] Ext4Pkg: Fix global buffer overflow in Ext4ReadDir Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 04/12] Ext4Pkg: Fix incorrect checksum metadata feature check Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 05/12] Ext4Pkg: Fix division by zero by adding check for s_inodes_per_group Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 06/12] Ext4Pkg: Add comparison between Position and FileSize in Ext4SetPosition Savva Mitrofanov
2022-12-09 22:12 ` Pedro Falcato
2022-12-12 11:44 ` Savva Mitrofanov
2022-12-09 16:10 ` [edk2-platforms][PATCH v1 07/12] Ext4Pkg: Add inode number validity check Savva Mitrofanov
2022-12-09 16:11 ` [edk2-platforms][PATCH v1 08/12] Ext4Pkg: Fix shift out of bounds in Ext4OpenSuperblock Savva Mitrofanov
2022-12-09 16:11 ` [edk2-platforms][PATCH v1 09/12] Ext4Pkg: Correct integer overflow check on multiplication in DiskUtil Savva Mitrofanov
2022-12-09 22:16 ` Pedro Falcato
2022-12-09 16:11 ` [edk2-platforms][PATCH v1 10/12] Ext4Pkg: Check that source file is directory in Ext4OpenInternal Savva Mitrofanov
2022-12-09 16:11 ` [edk2-platforms][PATCH v1 11/12] Ext4Pkg: Check VolumeName allocation correctness in Ext4GetVolumeName Savva Mitrofanov
2022-12-09 16:11 ` [edk2-platforms][PATCH v1 12/12] Ext4Pkg: Add missing exit Status in Ext4OpenDirent Savva Mitrofanov
2022-12-09 22:28 ` [edk2-platforms][PATCH v1 00/12] Ext4Pkg: Code correctness and security improvements Pedro Falcato
2022-12-12 14:40 ` Savva Mitrofanov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=F13A5C92-619C-4158-B608-3F89A10B06E1@gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox