Re: [PATCH 1/3] udf: Detect incorrect directory size

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

Thank you! I have tried this patch against v4.17 kernel. Considering
the original bug report
(https://www.spinics.net/lists/kernel/msg2820542.html), now it returns
Input/output errors:

/init: line 8: can't create
/mnt/1111111111111111111111111111111111111111111111111111111111111111111111111:
Input/output error
ln: /mnt/foo: Input/output error

... and does not page faults, as expected.

чт, 14 июн. 2018 г. в 18:28, Jan Kara <jack@xxxxxxx>:
>
> Detect when a directory entry is (possibly partially) beyond directory
> size and return EIO in that case since it means the filesystem is
> corrupted. Otherwise directory operations can further corrupt the
> directory and possibly also oops the kernel.
>
> CC: Anatoly Trosinenko <anatoly.trosinenko@xxxxxxxxx>
> CC: stable@xxxxxxxxxxxxxxx
> Reported-by: Anatoly Trosinenko <anatoly.trosinenko@xxxxxxxxx>
> Signed-off-by: Jan Kara <jack@xxxxxxx>
> ---
>  fs/udf/directory.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/fs/udf/directory.c b/fs/udf/directory.c
> index 0a98a2369738..3835f983cc99 100644
> --- a/fs/udf/directory.c
> +++ b/fs/udf/directory.c
> @@ -152,6 +152,9 @@ struct fileIdentDesc *udf_fileident_read(struct inode *dir, loff_t *nf_pos,
>                                sizeof(struct fileIdentDesc));
>                 }
>         }
> +       /* Got last entry outside of dir size - fs is corrupted! */
> +       if (*nf_pos > dir->i_size)
> +               return NULL;
>         return fi;
>  }
>
> --
> 2.16.4
>




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux