On Sat, 2024-12-07 at 20:35 +0100, Ilya Dryomov wrote: > It becomes a path component, so it shouldn't exceed NAME_MAX > characters. This was hardened in commit c152737be22b ("ceph: Use > strscpy() instead of strcpy() in __get_snap_name()"), but no actual > check was put in place. > > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx> > --- > fs/ceph/super.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/ceph/super.c b/fs/ceph/super.c > index cfe21f320f4a..f86fc5fb858a 100644 > --- a/fs/ceph/super.c > +++ b/fs/ceph/super.c > @@ -431,6 +431,8 @@ static int ceph_parse_mount_param(struct > fs_context *fc, > > switch (token) { > case Opt_snapdirname: > + if (strlen(param->string) > NAME_MAX) > + return invalfc(fc, "snapdirname too long"); This check makes sense to me. :) Looks really good! Thanks, Slava. > kfree(fsopt->snapdir_name); > fsopt->snapdir_name = param->string; > param->string = NULL;
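Review bot: the check added under `case Opt_snapdirname:` bounds only the length of `param->string`. Since the commit message says the value becomes a path component, consider also rejecting a '/' in the string at the same spot (for example with `strchr(param->string, '/')`), unless that is already enforced somewhere these lines do not show. The `> NAME_MAX` comparison is the right boundary, because NAME_MAX does not count the terminating NUL, and returning before `kfree(fsopt->snapdir_name)` leaves any previously parsed value in place on error. A one-line comment above the check saying that the name is later used as a path component would keep the reason for the limit next to the code.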