| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Nov 2023 16:01:18 -0800
From: Brian Norris <briannorris@...omium.org>
To: Theodore Ts'o <tytso@....edu>
Cc: linux-ext4@...r.kernel.org,
Brian Norris <briannorris@...omium.org>
Subject: [PATCH] lib/ext2fs: Validity checks for ext2fs_inode_scan_goto_blockgroup()
We don't validate the 'group' argument, so it's easy to get underflows
or crashes here.
This resolves issues seen in ureadahead, when it uses an old packfile
(with mismatching group indices) with a new filesystem.
Signed-off-by: Brian Norris <briannorris@...omium.org>
---
lib/ext2fs/inode.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/ext2fs/inode.c b/lib/ext2fs/inode.c
index 957d5aa9f9d6..96d854b5fb69 100644
--- a/lib/ext2fs/inode.c
+++ b/lib/ext2fs/inode.c
@@ -313,6 +313,9 @@ static errcode_t get_next_blockgroup(ext2_inode_scan scan)
errcode_t ext2fs_inode_scan_goto_blockgroup(ext2_inode_scan scan,
int group)
{
+ if (group <= 0 || group >= scan->fs->group_desc_count)
+ return EXT2_ET_INVALID_ARGUMENT;
+
scan->current_group = group - 1;
scan->groups_left = scan->fs->group_desc_count - group;
scan->bad_block_ptr = 0;
--
2.43.0.rc2.451.g8631bc7472-goog
Powered by blists - more mailing lists