On Sat, Aug 19, 2023 at 12:53:37AM -0700, Harshit Mogalapalli wrote: > From: Namjae Jeon <linkinjeon@xxxxxxxxxx> > > [ Upstream commit d42334578eba1390859012ebb91e1e556d51db49 ] > > exfat_extract_uni_name copies characters from a given file name entry into > the 'uniname' variable. This variable is actually defined on the stack of > the exfat_readdir() function. According to the definition of > the 'exfat_uni_name' type, the file name should be limited 255 characters > (+ null teminator space), but the exfat_get_uniname_from_ext_entry() > function can write more characters because there is no check if filename > entries exceeds max filename length. This patch add the check not to copy > filename characters when exceeding max filename length. > > Cc: stable@xxxxxxxxxxxxxxx > Cc: Yuezhang Mo <Yuezhang.Mo@xxxxxxxx> > Reported-by: Maxim Suhanov <dfirblog@xxxxxxxxx> > Reviewed-by: Sungjong Seo <sj1557.seo@xxxxxxxxxxx> > Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx> > Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> > [Harshit: backport to 5.15.y] > Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx> > --- > The conflict resolved patch for 6.1.y applies cleanly to 5.15.y as > well. > Note: This fix is already present in 5.10.y but missing in 5.15.y Thanks for catching this, now queued up. greg k-h
