On Fri, 27 Mar 2020 16:55:40 +0100 Simon Gander <simon@xxxxxxxxxx> wrote: > When removing files containing extended attributes, the hfsplus driver > may remove the wrong entries from the attributes b-tree, causing major > filesystem damage and in some cases even kernel crashes. > > To remove a file, all its extended attributes have to be removed as well. > The driver does this by looking up all keys in the attributes b-tree with > the cnid of the file. Each of these entries then gets deleted using the > key used for searching, which doesn't contain the attribute's name when it > should. Since the key doesn't contain the name, the deletion routine will > not find the correct entry and instead remove the one in front of it. If > parent nodes have to be modified, these become corrupt as well. This causes > invalid links and unsorted entries that not even macOS's fsck_hfs is able > to fix. > > To fix this, modify the search key before an entry is deleted from the > attributes b-tree by copying the found entry's key into the search key, > therefore ensuring that the correct entry gets removed from the tree. > This seems fairly important. Should it have a cc:stable?
