Re: [PATCH v3] exfat: integrates dir-entry getting and validation

Tue, 25 Aug 2020 23:08:12 -0700 

Thank you for quick reply!

On 2020/08/26 13:19, Namjae Jeon wrote:

On 2020/08/26 10:03, Namjae Jeon wrote:

Second: Range validation and type validation should not be separated.
When I started making this patch, I intended to add only range validation.
However, after the caller gets the ep, the type validation follows.
Get ep, null check of ep (= range verification), type verification is a series 
of procedures.
There would be no reason to keep them independent anymore.
Range and type validation is enforced when the caller uses ep.

You can add a validate flags as argument of exfat_get_dentry_set(), e.g. none, 
basic and strict.
none : only range validation.
basic : range + type validation.
strict : range + type + checksum and name length, etc.


Currently, various types of verification will not be needed.
Let's add it when we need it.



-       /* validiate cached dentries */
-       for (i = 1; i < num_entries; i++) {
-               ep = exfat_get_dentry_cached(es, i);
-               if (!exfat_validate_entry(exfat_get_entry_type(ep), &mode))
+       ep = exfat_get_dentry_cached(es, ENTRY_STREAM);
+       if (!ep || ep->type != EXFAT_STREAM)
+               goto free_es;
+       es->de[ENTRY_STREAM] = ep;


The value contained in stream-ext dir-entry should not be used before 
validating the EntrySet

checksum.

So I would insert EntrySet checksum validation here.
In that case, the checksum verification loop would be followed by the
TYPE_NAME verification loop, can you acceptable?

Yes. That would be great.


OK.
I'll add TYPE_NAME verification after checksum verification, in next patch.
However, I think it is enough to validate TYPE_NAME when extracting name.
Could you please tell me why you think you need TYPE_NAME validation here?

I've told you on previous mail. This function should return validated dentry 
set after checking
file->stream->name in sequence.


Yes. I understand that the current implementation checks in that order.
Sorry, my question was unclear.
Why do you think you should leave the TYPE_NAME validation in this function?
What kind of problem are you worried about if this function does not validate 
TYPE_NAME?
(for preserve the current behavior?)

Don't worry, I will add TYPE_NAME verification to the v4 patch.
I will post it later today.

BR
---
Tetsuhiro Kohada <kohada...@gmail.com>






















					Reply via email to