mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-20 09:31:09 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/udf
History
Jan Kara 9e951f2d85 udf: Avoid using stale lengthOfImpUse 
commit c1ad35dd05 upstream.

udf_write_fi() uses lengthOfImpUse of the entry it is writing to.
However this field has not yet been initialized so it either contains
completely bogus value or value from last directory entry at that place.
In either case this is wrong and can lead to filesystem corruption or
kernel crashes.

Reported-by: butt3rflyh4ck <butterflyhuangxx@gmail.com>
CC: stable@vger.kernel.org
Fixes: 979a6e28dd ("udf: Get rid of 0-length arrays in struct fileIdentDesc")
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-05-15 20:18:52 +02:00
..
balloc.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
dir.c udf: Fix crash after seekdir 2021-11-25 09:48:46 +01:00
directory.c udf: Remove pointless union in udf_inode_info 2020-09-29 17:21:54 +02:00
ecma_167.h udf: Get rid of 0-length arrays in struct fileIdentDesc 2021-08-11 16:54:44 +02:00
file.c mm: require ->set_page_dirty to be explicitly wired up 2021-06-29 10:53:48 -07:00
ialloc.c udf: Fix error handling in udf_new_inode() 2022-01-27 11:05:02 +01:00
inode.c udf: Fix NULL ptr deref when converting from inline format 2022-02-01 17:27:00 +01:00
Kconfig docs: filesystems: fix renamed references 2020-04-20 15:45:22 -06:00
lowlevel.c udf: stop using ioctl_by_bdev 2020-05-04 10:13:42 -06:00
Makefile
misc.c udf_get_extendedattr() had no boundary checks. 2021-08-23 13:35:19 +02:00
namei.c udf: Avoid using stale lengthOfImpUse 2022-05-15 20:18:52 +02:00
osta_udf.h udf: Get rid of 0-length arrays 2021-08-11 16:54:44 +02:00
partition.c udf: Remove pointless union in udf_inode_info 2020-09-29 17:21:54 +02:00
super.c udf: Fix crash after seekdir 2021-11-25 09:48:46 +01:00
symlink.c fs: make helpers idmap mount aware 2021-01-24 14:27:20 +01:00
truncate.c
udf_i.h udf: Remove pointless union in udf_inode_info 2020-09-29 17:21:54 +02:00
udf_sb.h udf: Fix iocharset=utf8 mount option 2021-08-12 16:07:09 +02:00
udfdecl.h udf: Get rid of 0-length arrays in struct fileIdentDesc 2021-08-11 16:54:44 +02:00
udfend.h
udftime.c
unicode.c udf: Fix iocharset=utf8 mount option 2021-08-12 16:07:09 +02:00