* [PATCH] fsck.f2fs: do not hard-code encrypted filename length to avoid heap buffer overflow
From: Jaegeuk Kim @ 2018-10-10 0:46 UTC
To: linux-f2fs-devel; +Cc: Jaegeuk Kim
From: Randall Huang <huangrandall@google.com>
If the len is less than 24, heap buffer overflow is reported.
Signed-off-by: Randall Huang <huangrandall@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fsck/fsck.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fsck/fsck.c b/fsck/fsck.c
index 85d9823..1fc168f 100644
--- a/fsck/fsck.c
+++ b/fsck/fsck.c
@@ -1170,10 +1170,12 @@ int convert_encrypted_name(unsigned char *name, u32 len,
memcpy(new, name, len);
new[len] = 0;
return len;
+ } else if (len != 24) {
+ ASSERT_MSG("len: %d, encrypted name must be 24\n", len);
}
*new = '_';
- return digest_encode((const char *)name, 24, (char *)new + 1);
+ return digest_encode((const char *)name, len, (char *)new + 1);
}
static void print_dentry(__u32 depth, __u8 *name,
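Review bot: in `convert_encrypted_name`, the new `else if (len != 24)` branch only reports the length and then falls through to `digest_encode((const char *)name, len, (char *)new + 1)`, so unless `ASSERT_MSG` stops execution, a `len` above 24 is now encoded in full into `new + 1` with no bound visible in this hunk. The same branch also flags any encrypted name shorter than 24 that reaches it, which is the case the commit message says triggers the overflow report and should therefore be handled rather than rejected. Consider clamping instead of asserting, for example `if (len > 24) len = 24;` before the call. Separately, `len` is declared `u32` in the function signature while the message uses `%d`; `%u` matches the type.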
--
2.19.0.605.g01d371f741-goog
* Re: [PATCH] fsck.f2fs: do not hard-code encrypted filename length to avoid heap buffer overflow
From: Chao Yu @ 2018-10-15 12:09 UTC
To: Jaegeuk Kim, linux-f2fs-devel
On 2018/10/10 8:46, Jaegeuk Kim wrote:
> From: Randall Huang <huangrandall@google.com>
>
> If the len is less than 24, heap buffer overflow is reported.
>
> Signed-off-by: Randall Huang <huangrandall@google.com>
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Thanks,
* Re: [PATCH] fsck.f2fs: do not hard-code encrypted filename length to avoid heap buffer overflow
From: Jaegeuk Kim @ 2018-10-15 23:05 UTC
To: Chao Yu; +Cc: linux-f2fs-devel
On 10/15, Chao Yu wrote:
> On 2018/10/10 8:46, Jaegeuk Kim wrote:
> > From: Randall Huang <huangrandall@google.com>
> >
> > If the len is less than 24, heap buffer overflow is reported.
> >
> > Signed-off-by: Randall Huang <huangrandall@google.com>
> > Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
>
> Reviewed-by: Chao Yu <yuchao0@huawei.com>
>
> Thanks,
The correct one should be this.
From e78b033dea8ec556b9b4c216426150317a8e5640 Mon Sep 17 00:00:00 2001
From: Randall Huang <huangrandall@google.com>
Date: Tue, 9 Oct 2018 17:38:01 -0700
Subject: [PATCH] fsck.f2fs: do not hard-code encrypted filename length to
avoid heap buffer overflow
If the len is less than 24, heap buffer overflow is reported.
Signed-off-by: Randall Huang <huangrandall@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
---
fsck/fsck.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fsck/fsck.c b/fsck/fsck.c
index 85d9823..366ba13 100644
--- a/fsck/fsck.c
+++ b/fsck/fsck.c
@@ -1145,7 +1145,7 @@ static int digest_encode(const char *src, int len, char *dst)
int i = 0, bits = 0, ac = 0;
char *cp = dst;
- while (i < len) {
+ while (i < len && i < 24) {
ac += (((unsigned char) src[i]) << bits);
bits += 8;
do {
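Review bot: the loop condition `while (i < len && i < 24)` in `digest_encode` moves the hard-coded 24 from the caller into the encoder rather than removing it, and input longer than 24 bytes is now truncated silently with no message. Give the limit a named constant with a comment saying what 24 represents, and consider doing the clamp in `convert_encrypted_name` so that `digest_encode` stays a general encoder whose output size follows from its `len` argument.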
@@ -1173,7 +1173,7 @@ int convert_encrypted_name(unsigned char *name, u32 len,
}
*new = '_';
- return digest_encode((const char *)name, 24, (char *)new + 1);
+ return digest_encode((const char *)name, len, (char *)new + 1);
}
static void print_dentry(__u32 depth, __u8 *name,
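Review bot: at the `digest_encode((const char *)name, len, (char *)new + 1)` call, the bound on what gets written to `new + 1` now depends entirely on the `i < 24` cap inside `digest_encode`, and nothing at the call site says so. A short comment stating that dependency, or an explicit clamp such as `len > 24 ? 24 : len` in the argument, would keep the output bound visible where the buffer is used. Note also that `len` here is `u32` while the parameter shown in the first hunk is `int len`, so the call narrows the value implicitly.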
--
2.19.0.605.g01d371f741-goog