From: Jaegeuk Kim <jaegeuk@kernel.org>
To: linux-f2fs-devel@lists.sourceforge.net
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Subject: [PATCH] fsck.f2fs: do not hard-code encrypted filename length to avoid heap buffer overflow
Date: Tue, 9 Oct 2018 17:46:47 -0700 [thread overview]
Message-ID: <20181010004647.21630-1-jaegeuk@kernel.org> (raw)
From: Randall Huang <huangrandall@google.com>
If the len is less than 24, heap buffer overflow is reported.
Signed-off-by: Randall Huang <huangrandall@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fsck/fsck.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fsck/fsck.c b/fsck/fsck.c
index 85d9823..1fc168f 100644
--- a/fsck/fsck.c
+++ b/fsck/fsck.c
@@ -1170,10 +1170,12 @@ int convert_encrypted_name(unsigned char *name, u32 len,
memcpy(new, name, len);
new[len] = 0;
return len;
+ } else if (len != 24) {
+ ASSERT_MSG("len: %d, encrypted name must be 24\n", len);
}
*new = '_';
- return digest_encode((const char *)name, 24, (char *)new + 1);
+ return digest_encode((const char *)name, len, (char *)new + 1);
}
static void print_dentry(__u32 depth, __u8 *name,
--
2.19.0.605.g01d371f741-goog
next reply other threads:[~2018-10-10 0:46 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-10 0:46 Jaegeuk Kim [this message]
2018-10-15 12:09 ` [PATCH] fsck.f2fs: do not hard-code encrypted filename length to avoid heap buffer overflow Chao Yu
2018-10-15 23:05 ` Jaegeuk Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181010004647.21630-1-jaegeuk@kernel.org \
--to=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).