ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len - bcachefs.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Liu Song <liu.song11@zte.com.cn>	2020-01-16 23:36:07 +0800
committer	Richard Weinberger <richard@nod.at>	2020-03-30 23:02:37 +0200
commit	acc5af3efa303d5f36cc8c0f61716161f6ca1384 (patch)
tree	071f542397119ebef35bd95886f79fd931a181aa /fs/ubifs/debug.h
parent	294a8dbe34d3b2f6e48eb9058ed21d7fe9348b6b (diff)

ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len

In “ubifs_check_node”, when the value of "node_len" is abnormal, the code will goto label of "out_len" for execution. Then, in the following "ubifs_dump_node", if inode type is "UBIFS_DATA_NODE", in "print_hex_dump", an out-of-bounds access may occur due to the wrong "ch->len". Therefore, when the value of "node_len" is abnormal, data length should to be adjusted to a reasonable safe range. At this time, structured data is not credible, so dump the corrupted data directly for analysis. Signed-off-by: Liu Song <liu.song11@zte.com.cn> Signed-off-by: Richard Weinberger <richard@nod.at>

Diffstat (limited to 'fs/ubifs/debug.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: