#syz test
From 2ba96e6e4923f0ad0d1bbcc077e887d5d7031bc0 Mon Sep 17 00:00:00 2001
From: Yuezhang Mo <Yuezhang.Mo@xxxxxxxx>
Date: Fri, 13 Dec 2024 13:08:37 +0800
Subject: [PATCH v1] exfat: fix the infinite loop in exfat_readdir()
If a cluster is linked to itself in the cluster chain, and there
is an unused directory entry in the cluster, 'dentry' will not be
incremented, causing condition 'dentry < max_dentries' unable to
prevent an infinite loop.
The infinite loop in exfat_readdir() causes s_lock not to be released,
This infinite loop causes s_lock not to be released, and other tasks
will hang, such as exfat_sync_fs().
Signed-off-by: Yuezhang Mo <Yuezhang.Mo@xxxxxxxx>
---
fs/exfat/dir.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c
index fe0a9b8a0cd0..3103b932b674 100644
--- a/fs/exfat/dir.c
+++ b/fs/exfat/dir.c
@@ -122,7 +122,7 @@ static int exfat_readdir(struct inode *inode, loff_t *cpos, struct exfat_dir_ent
type = exfat_get_entry_type(ep);
if (type == TYPE_UNUSED) {
brelse(bh);
- break;
+ goto out;
}
if (type != TYPE_FILE && type != TYPE_DIR) {
@@ -170,6 +170,7 @@ static int exfat_readdir(struct inode *inode, loff_t *cpos, struct exfat_dir_ent
}
}
+out:
dir_entry->namebuf.lfn[0] = '\0';
*cpos = EXFAT_DEN_TO_B(dentry);
return 0;
--
2.43.0
