mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-05 18:39:59 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/xfs
History
Gao Xiang f692d09e9c xfs: avoid LR buffer overrun due to crafted h_len 
Currently, crafted h_len has been blocked for the log
header of the tail block in commit a70f9fe52d ("xfs:
detect and handle invalid iclog size set by mkfs").

However, each log record could still have crafted h_len
and cause log record buffer overrun. So let's check
h_len vs buffer size for each log record as well.

Signed-off-by: Gao Xiang <hsiangkao@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
2020-09-23 08:58:52 -07:00
..
libxfs xfs: log new intent items created as part of finishing recovered intent items 2020-09-23 08:58:51 -07:00
scrub xfs: check dabtree node hash values when loading child blocks 2020-09-23 08:58:51 -07:00
Kconfig xfs: deprecate the V4 format 2020-09-15 20:52:43 -07:00
kmem.c xfs: remove kmem_realloc() 2020-09-06 18:05:51 -07:00
kmem.h xfs: Remove kmem_zalloc_large() 2020-09-15 20:52:41 -07:00
Makefile xfs: refactor log recovery item sorting into a generic dispatch structure 2020-05-08 08:49:58 -07:00
mrlock.h
xfs.h
xfs_acl.c xfs: Remove kmem_zalloc_large() 2020-09-15 20:52:41 -07:00
xfs_acl.h xfs: improve xfs_forget_acl 2020-03-02 20:55:55 -08:00
xfs_aops.c New code for 5.8: 2020-06-02 19:21:40 -07:00
xfs_aops.h
xfs_attr_inactive.c xfs: cleanup xfs_idestroy_fork 2020-05-19 09:40:59 -07:00
xfs_attr_list.c xfs: Convert xfs_attr_sf macros to inline functions 2020-09-15 20:52:42 -07:00
xfs_bio_io.c
xfs_bmap_item.c xfs: don't release log intent items when recovery fails 2020-09-23 08:58:52 -07:00
xfs_bmap_item.h xfs: refactor intent item RECOVERED flag into the log item 2020-05-08 08:50:01 -07:00
xfs_bmap_util.c xfs: ensure that fpunch, fcollapse, and finsert operations are aligned to rt extent size 2020-09-15 20:52:42 -07:00
xfs_bmap_util.h
xfs_buf.c xfs: reuse _xfs_buf_read for re-reading the superblock 2020-09-15 20:52:39 -07:00
xfs_buf.h xfs: reuse _xfs_buf_read for re-reading the superblock 2020-09-15 20:52:39 -07:00
xfs_buf_item.c xfs: remove xlog_recover_iodone 2020-09-15 20:52:39 -07:00
xfs_buf_item.h xfs: move the buffer retry logic to xfs_buf.c 2020-09-15 20:52:38 -07:00
xfs_buf_item_recover.c xfs: remove xlog_recover_iodone 2020-09-15 20:52:39 -07:00
xfs_dir2_readdir.c xfs: move the fork format fields into struct xfs_ifork 2020-05-19 09:40:58 -07:00
xfs_discard.c xfs: remove XFS_BUF_TO_AGF 2020-03-11 09:11:39 -07:00
xfs_discard.h
xfs_dquot.c xfs: widen ondisk quota expiration timestamps to handle y2038+ 2020-09-15 20:52:41 -07:00
xfs_dquot.h xfs: refactor default quota grace period setting code 2020-09-15 20:52:40 -07:00
xfs_dquot_item.c xfs: stop using q_core.d_id in the quota code 2020-07-28 20:24:14 -07:00
xfs_dquot_item.h xfs: factor out quotaoff intent AIL removal and memory free 2020-03-18 08:12:23 -07:00
xfs_dquot_item_recover.c xfs: rename the ondisk dquot d_flags to d_type 2020-07-28 20:24:14 -07:00
xfs_error.c xfs: random buffer write failure errortag 2020-05-07 08:27:48 -07:00
xfs_error.h xfs: xfs_buf_corruption_error should take __this_address 2020-03-12 07:58:12 -07:00
xfs_export.c xfs: delete duplicated words + other fixes 2020-08-05 08:49:58 -07:00
xfs_export.h
xfs_extent_busy.c
xfs_extent_busy.h
xfs_extfree_item.c xfs: don't release log intent items when recovery fails 2020-09-23 08:58:52 -07:00
xfs_extfree_item.h xfs: refactor intent item RECOVERED flag into the log item 2020-05-08 08:50:01 -07:00
xfs_file.c xfs: force the log after remapping a synchronous-writes file 2020-09-15 20:52:42 -07:00
xfs_filestream.c
xfs_filestream.h
xfs_fsmap.c xfs: prohibit fs freezing when using empty transactions 2020-03-26 08:19:24 -07:00
xfs_fsmap.h
xfs_fsops.c xfs: remove unused shutdown types 2020-05-07 08:27:48 -07:00
xfs_fsops.h
xfs_globals.c
xfs_health.c
xfs_icache.c xfs: Remove unneeded semicolon 2020-09-15 20:52:42 -07:00
xfs_icache.h xfs: remove SYNC_WAIT and SYNC_TRYLOCK 2020-07-14 08:47:33 -07:00
xfs_icreate_item.c xfs: Remove kmem_zone_zalloc() usage 2020-07-28 20:24:14 -07:00
xfs_icreate_item.h
xfs_inode.c xfs: drop extra transaction roll from inode extent truncate 2020-09-21 09:54:29 -07:00
xfs_inode.h xfs: widen ondisk inode timestamps to deal with y2038+ 2020-09-15 20:52:41 -07:00
xfs_inode_item.c xfs: widen ondisk inode timestamps to deal with y2038+ 2020-09-15 20:52:41 -07:00
xfs_inode_item.h xfs: move the buffer retry logic to xfs_buf.c 2020-09-15 20:52:38 -07:00
xfs_inode_item_recover.c xfs: widen ondisk inode timestamps to deal with y2038+ 2020-09-15 20:52:41 -07:00
xfs_ioctl.c xfs: Remove kmem_zalloc_large() 2020-09-15 20:52:41 -07:00
xfs_ioctl.h xfs: embedded the attrlist cursor into struct xfs_attr_list_context 2020-03-02 20:55:55 -08:00
xfs_ioctl32.c xfs: lift cursor copy in/out into xfs_ioc_attr_list 2020-03-02 20:55:54 -08:00
xfs_ioctl32.h
xfs_iomap.c xfs: delete duplicated words + other fixes 2020-08-05 08:49:58 -07:00
xfs_iomap.h
xfs_iops.c mmap locking API: convert mmap_sem comments 2020-06-09 09:39:14 -07:00
xfs_iops.h
xfs_itable.c xfs: move the fork format fields into struct xfs_ifork 2020-05-19 09:40:58 -07:00
xfs_itable.h
xfs_iwalk.c
xfs_iwalk.h
xfs_linux.h xfs: remove useless definitions in xfs_linux.h 2020-07-06 10:46:58 -07:00
xfs_log.c xfs: Modify xlog_ticket_alloc() to use kernel's MM API 2020-07-28 20:24:14 -07:00
xfs_log.h xfs: refactor and split xfs_log_done() 2020-03-27 08:32:53 -07:00
xfs_log_cil.c xfs: delete duplicated words + other fixes 2020-08-05 08:49:58 -07:00
xfs_log_priv.h xfs: Modify xlog_ticket_alloc() to use kernel's MM API 2020-07-28 20:24:14 -07:00
xfs_log_recover.c xfs: avoid LR buffer overrun due to crafted h_len 2020-09-23 08:58:52 -07:00
xfs_message.c xfs: refactor ratelimited buffer error messages into helper 2020-05-07 08:27:46 -07:00
xfs_message.h xfs: refactor ratelimited buffer error messages into helper 2020-05-07 08:27:46 -07:00
xfs_mount.c xfs: remove xfs_getsb 2020-09-15 20:52:39 -07:00
xfs_mount.h xfs: remove xfs_getsb 2020-09-15 20:52:39 -07:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_ondisk.h xfs: Remove typedef xfs_attr_shortform_t 2020-09-15 20:52:42 -07:00
xfs_pnfs.c xfs: define printk_once variants for xfs messages 2020-05-04 09:03:15 -07:00
xfs_pnfs.h
xfs_pwork.c block: remove the bd_queue field from struct block_device 2020-07-01 08:08:20 -06:00
xfs_pwork.h
xfs_qm.c xfs: trace timestamp limits 2020-09-15 20:52:41 -07:00
xfs_qm.h xfs: refactor quota expiration timer modification 2020-09-15 20:52:40 -07:00
xfs_qm_bhv.c xfs: rename XFS_DQ_{USER,GROUP,PROJ} to XFS_DQTYPE_* 2020-07-28 20:24:14 -07:00
xfs_qm_syscalls.c xfs: refactor default quota grace period setting code 2020-09-15 20:52:40 -07:00
xfs_quota.h xfs: move the buffer retry logic to xfs_buf.c 2020-09-15 20:52:38 -07:00
xfs_quotaops.c xfs: create xfs_dqtype_t to represent quota types 2020-07-28 20:24:14 -07:00
xfs_refcount_item.c xfs: don't release log intent items when recovery fails 2020-09-23 08:58:52 -07:00
xfs_refcount_item.h xfs: refactor intent item RECOVERED flag into the log item 2020-05-08 08:50:01 -07:00
xfs_reflink.c xfs: delete duplicated words + other fixes 2020-08-05 08:49:58 -07:00
xfs_reflink.h xfs: move helpers that lock and unlock two inodes against userspace IO 2020-07-06 10:46:57 -07:00
xfs_rmap_item.c xfs: don't release log intent items when recovery fails 2020-09-23 08:58:52 -07:00
xfs_rmap_item.h xfs: refactor intent item RECOVERED flag into the log item 2020-05-08 08:50:01 -07:00
xfs_rtalloc.c xfs: Set xfs_buf's b_ops member when zeroing bitmap/summary files 2020-09-23 08:58:51 -07:00
xfs_rtalloc.h
xfs_stats.c xfs: Use scnprintf() for avoiding potential buffer overflow 2020-03-12 07:58:13 -07:00
xfs_stats.h
xfs_super.c xfs: deprecate the V4 format 2020-09-15 20:52:43 -07:00
xfs_super.h
xfs_symlink.c xfs: move the fork format fields into struct xfs_ifork 2020-05-19 09:40:58 -07:00
xfs_symlink.h
xfs_sysctl.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
xfs_sysctl.h
xfs_sysfs.c
xfs_sysfs.h xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init 2020-08-07 11:50:17 -07:00
xfs_trace.c xfs: support bulk loading of staged btrees 2020-03-18 08:12:23 -07:00
xfs_trace.h xfs: trace timestamp limits 2020-09-15 20:52:41 -07:00
xfs_trans.c xfs: simplify xfs_trans_getsb 2020-09-15 20:52:39 -07:00
xfs_trans.h xfs: simplify xfs_trans_getsb 2020-09-15 20:52:39 -07:00
xfs_trans_ail.c xfs: delete duplicated words + other fixes 2020-08-05 08:49:58 -07:00
xfs_trans_buf.c xfs: simplify xfs_trans_getsb 2020-09-15 20:52:39 -07:00
xfs_trans_dquot.c xfs: widen ondisk quota expiration timestamps to handle y2038+ 2020-09-15 20:52:41 -07:00
xfs_trans_priv.h xfs: refactor adding recovered intent items to the log 2020-05-08 08:50:00 -07:00
xfs_xattr.c xfs: remove duplicate headers 2020-05-08 08:51:34 -07:00