projects / platform / upstream / erofs-utils.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c9d13ce)
erofs-utils: lib: fix off-by-one issue with invalid device ID
authorGao Xiang <hsiangkao@linux.alibaba.com>
Tue, 17 Sep 2024 09:11:15 +0000 (17:11 +0800)
committerGao Xiang <hsiangkao@linux.alibaba.com>
Tue, 17 Sep 2024 09:26:10 +0000 (17:26 +0800)
The device ID should be no less than `1 + number of blobs`. In other
words, it should be greater than `number of blobs`.

Fixes: 89dfe997c2ee ("erofs-utils: lib: fix global-buffer-overflow due to invalid device")
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Link: https://lore.kernel.org/r/20240917091115.3920734-1-hsiangkao@linux.alibaba.com
lib/io.c patch | blob | history

diff --git a/lib/io.c b/lib/io.c
index b101c077afcf1f06c59f1e769544a9e3d620de9d..dacf8dc3843a6848780ae13db3c68b94faadf457 100644 (file)
--- a/lib/io.c
+++ b/lib/io.c
@@ -342,7 +342,7 @@ ssize_t erofs_dev_read(struct erofs_sb_info *sbi, int device_id,
        ssize_t read;
 
        if (device_id) {
-               if (device_id >= sbi->nblobs) {
+               if (device_id > sbi->nblobs) {
                        erofs_err("invalid device id %d", device_id);
                        return -EIO;
                }
Domain: System / Kernel