----- Original Message -----
>> While digging a little into the code I noticed that you have very few
>> checks of the on-disk data.
>> For example ->u.i_blkaddr. I gave it a try and created a
>> malformed filesystem where u.i_blkaddr is 0xdeadbeef, it causes the kernel
>> to loop forever around erofs_read_raw_page().
>
> I don't fuzz all the on-disk fields for EROFS, I will do later..
> You can see many in-kernel filesystems are still hardening the related
> stuff. Anyway, I will dig into this field you mentioned recently, but
> I think it can be fixed easily later.

This is no excuse to redo all these bugs. :-)
I know that many in-kernel filesystems trust the disk ultimately, this is a
problem and huge attack vector.

Thanks,
//richard
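
A sketch of the kind of on-disk sanity check discussed in this thread, added here as an example; it is not code from the thread or from EROFS. The `fs_geom` struct, the function names and the sample values are hypothetical, and it assumes an inode's data is one contiguous run of blocks starting at the block address read from disk.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified mount-time geometry; not the real EROFS structures. */
struct fs_geom {
    uint32_t total_blocks; /* block count taken from the superblock */
    unsigned blkbits;      /* log2(block size), e.g. 12 for 4 KiB */
};

/* Decode a little-endian u32 from untrusted on-disk bytes. */
static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Blocks needed for `size` bytes, computed without overflowing. */
static uint64_t blocks_for(uint64_t size, unsigned blkbits)
{
    uint64_t mask = ((uint64_t)1 << blkbits) - 1;
    return (size >> blkbits) + ((size & mask) != 0);
}

/* Reject an inode whose run [blkaddr, blkaddr + nblocks) leaves the image.
 * Returns 0 if sane, -EINVAL if the on-disk values are corrupt. */
int check_inode_extent(const struct fs_geom *g, const uint8_t raw_blkaddr[4],
                       uint64_t i_size)
{
    uint32_t blkaddr = get_le32(raw_blkaddr);
    uint64_t nblocks = blocks_for(i_size, g->blkbits);

    if (nblocks == 0)
        return 0;        /* assumption: an empty file never reads blkaddr */
    if (blkaddr >= g->total_blocks)
        return -EINVAL;  /* start lies past the end of the image */
    if (nblocks > (uint64_t)(g->total_blocks - blkaddr))
        return -EINVAL;  /* run extends past the end; no wraparound possible */
    return 0;
}

int main(void)
{
    struct fs_geom g = { .total_blocks = 1024, .blkbits = 12 }; /* constructed */
    const uint8_t bad[4] = { 0xef, 0xbe, 0xad, 0xde };          /* 0xdeadbeef */
    const uint8_t ok[4] = { 0x0a, 0x00, 0x00, 0x00 };           /* block 10 */
    printf("bad=%d ok=%d\n", check_inode_extent(&g, bad, 8192),
           check_inode_extent(&g, ok, 8192));
    return 0;
}
```

Running such a check when the inode is read from disk means a read loop never sees an address outside the image.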