| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 Apr 2020 22:10:30 +0900
From: OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: syzbot <syzbot+6f1624f937d9d6911e2d@...kaller.appspotmail.com>,
Marco Elver <elver@...gle.com>,
LKML <linux-kernel@...r.kernel.org>,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
syzkaller <syzkaller@...glegroups.com>,
Dmitry Vyukov <dvyukov@...gle.com>
Subject: [PATCH] fat: Don't allow to mount if the FAT length == 0
If FAT length == 0, the image doesn't have any data. And it can be the
cause of overlapping the root dir and FAT entries.
Also Windows treats it as invalid format.
Reported-by: syzbot+6f1624f937d9d6911e2d@...kaller.appspotmail.com
Signed-off-by: OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
---
fs/fat/inode.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/fat/inode.c b/fs/fat/inode.c
index 71946da..bf8e04e 100644
--- a/fs/fat/inode.c 2020-04-07 21:55:27.001147223 +0900
+++ b/fs/fat/inode.c 2020-04-07 22:06:15.164098069 +0900
@@ -1520,6 +1520,12 @@ static int fat_read_bpb(struct super_blo
goto out;
}
+ if (bpb->fat_fat_length == 0 && bpb->fat32_length == 0) {
+ if (!silent)
+ fat_msg(sb, KERN_ERR, "bogus number of FAT sectors");
+ goto out;
+ }
+
error = 0;
out:
_
OGAWA Hirofumi <hirofumi@...l.parknet.co.jp> writes:
Powered by blists - more mailing lists