| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190924061452.GA31397@amd>
Date: Tue, 24 Sep 2019 08:14:52 +0200
From: Pavel Machek <pavel@....cz>
To: clm@...com, josef@...icpanda.com, dsterba@...e.com,
linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] btrfs compression: check string length
AFAICT, with current code user could pass something like "lzox" and
still get "lzo" compression. Check string lengths to prevent that.
Signed-off-by: Pavel Machek <pavel@...x.de>
diff --git a/fs/btrfs/compression.c b/fs/btrfs/compression.c
index b05b361..1083ab4 100644
--- a/fs/btrfs/compression.c
+++ b/fs/btrfs/compression.c
@@ -51,7 +51,7 @@ bool btrfs_compress_is_valid_type(const char *str, size_t len)
for (i = 1; i < ARRAY_SIZE(btrfs_compress_types); i++) {
size_t comp_len = strlen(btrfs_compress_types[i]);
- if (len < comp_len)
+ if (len != comp_len)
continue;
if (!strncmp(btrfs_compress_types[i], str, comp_len))
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists