#syz test
From 75a7f8778e929104684d975e637eae01336d082d Mon Sep 17 00:00:00 2001
From: Yuezhang Mo <Yuezhang.Mo@xxxxxxxx>
Date: Mon, 16 Dec 2024 13:39:42 +0800
Subject: [PATCH] exfat: fix the infinite loop in __exfat_free_cluster()
In __exfat_free_cluster(), the cluster chain is traversed until the
EOF cluster. If the cluster chain includes a loop due to file system
corruption, the EOF cluster cannot be traversed, resulting in an
infinite loop.
To avoid this infinite loop, this commit changes to only traverse and
free the number of clusters indicated by the file size.
Signed-off-by: Yuezhang Mo <Yuezhang.Mo@xxxxxxxx>
Suggested-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
---
fs/exfat/fatent.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/exfat/fatent.c b/fs/exfat/fatent.c
index 773c320d68f3..ab29c30ebaab 100644
--- a/fs/exfat/fatent.c
+++ b/fs/exfat/fatent.c
@@ -201,6 +201,8 @@ static int __exfat_free_cluster(struct inode *inode, struct exfat_chain *p_chain
if (err || n_clu == EXFAT_EOF_CLUSTER)
sync = true;
+ else if (num_clusters >= p_chain->size)
+ break;
else
next_cmap_i =
BITMAP_OFFSET_SECTOR_INDEX(sb, CLUSTER_TO_BITMAP_ENT(n_clu));
--
2.43.0
