From: Gao Xiang <hsiangkao@linux.alibaba.com>
Date: Tue, 17 Sep 2024 09:11:15 +0000 (+0800)
Subject: erofs-utils: lib: fix off-by-one issue with invalid device ID
X-Git-Tag: v1.8.2~5
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8ef51b0474b66b9dfbadf487700d8a45f2a65d71;p=platform%2Fupstream%2Ferofs-utils.git

erofs-utils: lib: fix off-by-one issue with invalid device ID

The device ID should be no less than `1 + number of blobs`. In other
words, it should be greater than `number of blobs`.

Fixes: 89dfe997c2ee ("erofs-utils: lib: fix global-buffer-overflow due to invalid device")
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Link: https://lore.kernel.org/r/20240917091115.3920734-1-hsiangkao@linux.alibaba.com
---

diff --git a/lib/io.c b/lib/io.c
index b101c07..dacf8dc 100644
--- a/lib/io.c
+++ b/lib/io.c
@@ -342,7 +342,7 @@ ssize_t erofs_dev_read(struct erofs_sb_info *sbi, int device_id,
 	ssize_t read;
 
 	if (device_id) {
-		if (device_id >= sbi->nblobs) {
+		if (device_id > sbi->nblobs) {
 			erofs_err("invalid device id %d", device_id);
 			return -EIO;
 		}