On Sun, Aug 18, 2019 at 11:03:53AM +0200, Richard Weinberger wrote: > ----- Urspr??ngliche Mail ----- > > I agree with you, but what can we do now is trying our best to fuzz > > all the fields. > > > > So, what is your opinion about EROFS? > > All I'm saying is that you should not blindly trust the disk. I completely agree with you, and I'm teaching EROFS to make the little naughty boy more strong... (we already have many error handling code, but I think I will teach him more, yes.) > > Another thing that raises my attention is in superblock_read(): > memcpy(sbi->volume_name, layout->volume_name, > sizeof(layout->volume_name)); > > Where do you check whether ->volume_name has a NUL terminator? > Currently this field has no user, maybe will add a check upon usage. > But this kind of things makes me wonder. Yes, I think this is a good point. :) Since volume_name is not used currently, I will fix it when it use late. I will make a note here (or more straightforward, I will fix it to avoid potential bug now.) Thanks, Gao Xiang > > Thanks, > //richard
