mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-11-28 04:24:34 +08:00
270ef41094
If the minix filesystem tries to map a very large logical block number to
its on-disk location, block_to_path() can return offsets that are too
large, causing out-of-bounds memory accesses when accessing indirect index
blocks. This should be prevented by the check against the maximum file
size, but this doesn't work because the maximum file size is read directly
from the on-disk superblock and isn't validated itself.
Fix this by validating the maximum file size at mount time.
Fixes:
|
||
---|---|---|
.. | ||
bitmap.c | ||
dir.c | ||
file.c | ||
inode.c | ||
itree_common.c | ||
itree_v1.c | ||
itree_v2.c | ||
Kconfig | ||
Makefile | ||
minix.h | ||
namei.c |