[PATCH v2] extend sparse file support
David Disseldorp
ddiss at suse.de
Mon Mar 9 10:31:01 MDT 2015
Thanks a lot for the review Jeremy!
Please see new version attached...
On Fri, 6 Mar 2015 16:06:45 -0800, Jeremy Allison wrote:
> + ndr_ret = ndr_pull_struct_blob(in_input, mem_ctx, &qar_req,
> + (ndr_pull_flags_fn_t)ndr_pull_fsctl_query_alloced_ranges_req);
>
> Can you do wrap checks around the len and offset fields in
> the read structure please. For example:
>
> + /* maximum offset is either the EOF, or the request off + len */
> + max_off = MIN(sbuf.st_ex_size,
> + qar_req.buf.file_off + qar_req.buf.len) - 1;
>
> I'd like wrap checks for 'qar_req.buf.file_off + qar_req.buf.len'
> and any other arithmetic done on client-supplied values.
I think the QAR max_off calculation is the only operation susceptible to
an integer over/underflow, given that we filter out the following
conditions:
359 if ((qar_req.buf.len == 0)
360 || (sbuf.st_ex_size == 0)
361 || (qar_req.buf.file_off >= sbuf.st_ex_size)) {
362 /* zero length range or after EOF, no ranges to return */
363 return NT_STATUS_OK;
364 }
...and for ZERO_DATA:
158 if (zdata_info.beyond_final_zero < zdata_info.file_off) {
...
162 return NT_STATUS_INVALID_PARAMETER;
163 }
I've added a new QAR max_off overflow check, and corresponding torture
test.
> Also can you add an explaination for the -1 in the comment here please ?
Done.
Cheers, David
--
The following changes since commit 02f6cfd14c8ac15b5d8a55783bb98a87557394d5:
torture-krb5: Add an initial test for s4u2self behaviour (2015-03-09 12:10:09 +0100)
are available in the git repository at:
git://git.samba.org/ddiss/samba.git viel_sparse_v2
for you to fetch changes up to 34321f75d75ddfba8a42f9a28ea4721d0fc6b7a7:
torture/ioctl: add range overflow QAR test (2015-03-09 17:23:21 +0100)
----------------------------------------------------------------
David Disseldorp (20):
lib/system: remove useless HAVE_LINUX_FALLOCATE64 logic
s3/vfs: change fallocate mode flags from enum->uint32_t
build: check for fallocate hole-punch support
system: add hole punch support to sys_fallocate()
smbd/ioctl: add FSCTL_SET_ZERO_DATA support
idl/ioctl: change QAR response array to a DATA_BLOB
build: check for SEEK_HOLE and SEEK_DATA support
smbd/ioctl: add FSCTL_QUERY_ALLOCATED_RANGES support
s3/statvfs: expose FILE_SUPPORTS_SPARSE_FILES capability
torture/ioctl: remove 64K chunk size assumptions
torture/ioctl: remove FS specific sparse punch check
torture/ioctl: remove FS specific sparse copy-chunk expectations
torture/ioctl: add sparse_punch_invalid test
torture/ioctl: rework and reduce pattern helper IO sizes
torture/ioctl: add ioctl_sparse_perms test
s3/smbd: fix FSCTL_SET_SPARSE permission checks
torture/ioctl: test sparse file operation locking
torture/ioctl: add QAR off-by-one bug paranoia test
torture/ioctl: add multi-range QAR test
torture/ioctl: add range overflow QAR test
examples/VFS/skel_opaque.c | 2 +-
examples/VFS/skel_transparent.c | 2 +-
librpc/idl/ioctl.idl | 6 +-
source3/include/proto.h | 2 +-
source3/include/vfs.h | 17 +-
source3/lib/system.c | 36 +-
source3/modules/vfs_ceph.c | 3 +-
source3/modules/vfs_default.c | 13 +-
source3/modules/vfs_fruit.c | 2 +-
source3/modules/vfs_full_audit.c | 2 +-
source3/modules/vfs_glusterfs.c | 3 +-
source3/modules/vfs_gpfs.c | 7 +-
source3/modules/vfs_streams_xattr.c | 2 +-
source3/modules/vfs_time_audit.c | 2 +-
source3/smbd/dosmode.c | 9 +-
source3/smbd/smb2_ioctl_filesys.c | 328 +++++++++-
source3/smbd/statvfs.c | 9 +
source3/smbd/vfs.c | 14 +-
source3/wscript | 13 +
source4/torture/smb2/ioctl.c | 931 ++++++++++++++++++++++++++--
20 files changed, 1288 insertions(+), 115 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: viel_sparse_v2.patchset
Type: application/octet-stream
Size: 85923 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150309/069b3dc1/attachment-0001.obj>
More information about the samba-technical
mailing list