On Sun, May 21, 2017 at 05:25:35PM +0300, Konstantin Belousov wrote:
> On Sun, May 21, 2017 at 04:03:55PM +0200, Jilles Tjoelker wrote:
> > On Sun, May 21, 2017 at 03:31:18PM +0300, Konstantin Belousov wrote:
> > > On Sun, May 21, 2017 at 02:14:56PM +0200, Jilles Tjoelker wrote:
> > > > We have another type in this area which is too small in some situations:
> > > > uint8_t for struct dirent.d_namlen. For filesystems that store filenames
> > > > as up to 255 UTF-16 code units, the name to be stored in d_name may be
> > > > up to 765 bytes long in UTF-8. This was reported in PR 204643. The code
> > > > currently handles this by returning the short (8.3) name, but this name
> > > > may not be present or usable, leaving the file inaccessible.
> > > >
> > > > Actually allowing longer names seems too complicated to add to the ino64
> > > > change, but changing d_namlen to uint16_t (using d_pad0 space) and
> > > > skipping entries with d_namlen > 255 in libc may be helpful.
> > > >
> > > > Note that applications using the deprecated readdir_r() will not be able
> > > > to read such long names, since the API does not allow specifying that a
> > > > larger buffer has been provided. (This could be avoided by making struct
> > > > dirent.d_name 766 bytes long instead of 256.)
> > > >
> > > > Unfortunately, the existence of readdir_r() also prevents changing
> > > > struct dirent.d_name to the more correct flexible array.
> > >
> > > Yes, changing the size of d_name at this stage of the project is out of
> > > question. My reading of your proposal is that we should extend the size
> > > of d_namlen to uint16_t, am I right? Should we go to 32bit directly
> > > then, perhaps?
> >
> > Yes, my proposal is to change d_namlen to uint16_t.
> >
> > Making it 32 bits is not useful with the 16-bit d_reclen, and increasing
> > d_reclen does not seem useful to me with the current model of
> > getdirentries() where the whole dirent must fit into the caller's
> > buffer.
>
> Bumping it now might cause less churn later, even if unused, but ok.
>
> > > I did not commit the change below, nor did I test or even build it.
> >
> > I'd like to skip overlong names in the native readdir_r() as well, so
> > that long name support can be added to the kernel later without causing
> > buffer overflows with applications using FreeBSD 12.0 libc.
> >
> > The native readdir() does not seem to have such a problem.
>
> Again, not even compiled.

Looks good to me.

> [patch snipped]

-- 
Jilles Tjoelker

Received on Sun May 21 2017 - 19:27:29 UTC
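The length arithmetic and the skip rule discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's code. The helper names, the `LEGACY_NAME_MAX` constant and the sample name are assumptions made for illustration; lone surrogates are assumed to be replaced by a 3-byte character.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LEGACY_NAME_MAX 255	/* longest name a 256-byte d_name holds (with NUL) */

/* UTF-8 byte length of a UTF-16 name of n code units. */
static size_t utf16_to_utf8_len(const uint16_t *s, size_t n)
{
	size_t len = 0;

	for (size_t i = 0; i < n; i++) {
		uint16_t u = s[i];

		if (u < 0x80) {
			len += 1;
		} else if (u < 0x800) {
			len += 2;
		} else if (u >= 0xD800 && u <= 0xDBFF && i + 1 < n &&
		    s[i + 1] >= 0xDC00 && s[i + 1] <= 0xDFFF) {
			len += 4;	/* surrogate pair: 2 units -> 4 bytes */
			i++;
		} else {
			len += 3;	/* other BMP unit; worst case per unit */
		}
	}
	return len;
}

/* What a uint8_t d_namlen would record for this length (silently wraps). */
static uint8_t namlen_as_u8(size_t len) { return (uint8_t)len; }

/* Hypothetical libc-side guard: 1 if the name fits a 256-byte d_name, 0 to skip. */
static int fits_legacy_dirent(uint16_t namlen) { return namlen <= LEGACY_NAME_MAX; }

/* Constructed worst case: 255 code units of U+4E2D (3 bytes each in UTF-8). */
static size_t worst_case_len(void)
{
	uint16_t name[255];

	for (size_t i = 0; i < 255; i++)
		name[i] = 0x4E2D;
	return utf16_to_utf8_len(name, 255);
}

int main(void)
{
	size_t len = worst_case_len();

	printf("utf8 len=%zu, as uint8_t=%u, copy allowed=%d\n", len,
	    (unsigned)namlen_as_u8(len), fits_legacy_dirent((uint16_t)len));
	return 0;
}
```

With an 8-bit length field the 765-byte name is recorded as 253, so a consumer cannot tell it was overlong; with a 16-bit field the guard can see the true length and skip the entry before copying into the fixed buffer.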