lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 21 Aug 2023 18:43:33 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
Cc:     stable@...r.kernel.org, vegard.nossum@...cle.com,
        Namjae Jeon <linkinjeon@...nel.org>,
        Yuezhang Mo <Yuezhang.Mo@...y.com>,
        Maxim Suhanov <dfirblog@...il.com>,
        Sungjong Seo <sj1557.seo@...sung.com>,
        Sasha Levin <sashal@...nel.org>, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 5.15.y] exfat: check if filename entries exceeds max
 filename length

On Sat, Aug 19, 2023 at 12:53:37AM -0700, Harshit Mogalapalli wrote:
> From: Namjae Jeon <linkinjeon@...nel.org>
> 
> [ Upstream commit d42334578eba1390859012ebb91e1e556d51db49 ]
> 
> exfat_extract_uni_name copies characters from a given file name entry into
> the 'uniname' variable. This variable is actually defined on the stack of
> the exfat_readdir() function. According to the definition of
> the 'exfat_uni_name' type, the file name should be limited 255 characters
> (+ null teminator space), but the exfat_get_uniname_from_ext_entry()
> function can write more characters because there is no check if filename
> entries exceeds max filename length. This patch add the check not to copy
> filename characters when exceeding max filename length.
> 
> Cc: stable@...r.kernel.org
> Cc: Yuezhang Mo <Yuezhang.Mo@...y.com>
> Reported-by: Maxim Suhanov <dfirblog@...il.com>
> Reviewed-by: Sungjong Seo <sj1557.seo@...sung.com>
> Signed-off-by: Namjae Jeon <linkinjeon@...nel.org>
> Signed-off-by: Sasha Levin <sashal@...nel.org>
> [Harshit: backport to 5.15.y]
> Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
> ---
> The conflict resolved patch for 6.1.y applies cleanly to 5.15.y as
> well.
> Note: This fix is already present in 5.10.y but missing in 5.15.y

Thanks for catching this, now queued up.

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ