review.tizen.org Git - platform/kernel/linux-rpi.git/commit

projects / platform / kernel / linux-rpi.git / commit

author	Jaegeuk Kim <jaegeuk@kernel.org>
	Thu, 27 Dec 2018 03:54:07 +0000 (19:54 -0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 9 Jan 2019 16:38:46 +0000 (17:38 +0100)
commit	5036fcd9b14516f62efae6ed0c42dfbb9798b643
tree	fda08e93e2949ffda04d4a0d5aa89fe7cc5d78c0	tree \| snapshot
parent	58d7ab7163d9119a05c576506692a4d90ca22f65	commit \| diff

f2fs: sanity check of xattr entry size

commit 64beba0558fce7b59e9a8a7afd77290e82a22163 upstream.

There is a security report where f2fs_getxattr() has a hole to expose wrong
memory region when the image is malformed like this.

f2fs_getxattr: entry->e_name_len: 4, size: 12288, buffer_size: 16384, len: 4

Cc: <stable@vger.kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/f2fs/xattr.c

diff | blob | history

Domain: System / Kernel;

RSS Atom