hfs: add sanity check for file name length · bc5b8a9003 - Gogs

Эх сурвалжийг харах

hfs: add sanity check for file name length

On a corrupted file system the ->len field could be wrong leading to
a buffer overflow.

Reported-and-acked-by: Clement LECIGNE <clement.lecigne@netasq.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Dan Carpenter 13 жил өмнө

parent

7f80850d3f

commit

bc5b8a9003

1 өөрчлөгдсөн 2 нэмэгдсэн , 0 устгасан

Өөрчлөлтийг ялгаж харах Өөрчлөлтийн статистик харах

						
							+ 2
							
							- 0
						
fs/hfs/trans.c
							 
								Файл харах
							
				@@ -40,6 +40,8 @@ int hfs_mac2asc(struct super_block *sb, char *out, const struct hfs_name *in)
			
				 	src = in->name;
			
				 	srclen = in->len;
			
				+	if (srclen > HFS_NAMELEN)
			
				+		srclen = HFS_NAMELEN;
			
				 	dst = out;
			
				 	dstlen = HFS_MAX_NAMELEN;
			
				 	if (nls_io) {