From mboxrd@z Thu Jan  1 00:00:00 1970
From: Hin-Tak Leung <hintak.leung@gmail.com>
Subject: [PATCH] hfsplus: fixes worst-case unicode to char conversion of file names
Date: Fri,  4 Apr 2014 20:46:08 +0100
Message-ID: <1396640768-28353-1-git-send-email-HinTak.Leung@gmail.com>
Cc: Hin-Tak Leung <htl10@users.sourceforge.net>,
	Vyacheslav Dubeyko <slava@dubeyko.com>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Christoph Hellwig <hch@infradead.org>
To: linux-fsdevel@vger.kernel.org
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mail-wi0-f179.google.com ([209.85.212.179]:42286 "EHLO
	mail-wi0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754365AbaDDTqR (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Fri, 4 Apr 2014 15:46:17 -0400
Received: by mail-wi0-f179.google.com with SMTP id z2so1912989wiv.12
        for <linux-fsdevel@vger.kernel.org>; Fri, 04 Apr 2014 12:46:16 -0700 (PDT)
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

From: Hin-Tak Leung <htl10@users.sourceforge.net>

The HFS Plus Volume Format specification (TN1150) states that
file names are stored internally as a maximum of 255 unicode
characters, as defined by The Unicode Standard, Version 2.0
[Unicode, Inc. ISBN 0-201-48345-9]. File names are converted by
the NLS system on Linux before presented to the user.

Though it is rare, the worst-case is 255 CJK characters converting
to UTF-8 with 1 unicode character to 3 bytes. Surrogate pairs are
no worse. The receiver buffer needs to be 255 x 3 bytes,
not 255 bytes as the code has always been.

Signed-off-by: Hin-Tak Leung <htl10@users.sourceforge.net>
CC: Vyacheslav Dubeyko <slava@dubeyko.com>
CC: Al Viro <viro@zeniv.linux.org.uk>
CC: Christoph Hellwig <hch@infradead.org>
---
 fs/hfsplus/dir.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c
index bdec665..381c668 100644
--- a/fs/hfsplus/dir.c
+++ b/fs/hfsplus/dir.c
@@ -127,7 +127,7 @@ static int hfsplus_readdir(struct file *file, struct dir_context *ctx)
 	struct inode *inode = file_inode(file);
 	struct super_block *sb = inode->i_sb;
 	int len, err;
-	char strbuf[HFSPLUS_MAX_STRLEN + 1];
+	char strbuf[3 * HFSPLUS_MAX_STRLEN + 1];
 	hfsplus_cat_entry entry;
 	struct hfs_find_data fd;
 	struct hfsplus_readdir_data *rd;
@@ -193,7 +193,7 @@ static int hfsplus_readdir(struct file *file, struct dir_context *ctx)
 		hfs_bnode_read(fd.bnode, &entry, fd.entryoffset,
 			fd.entrylength);
 		type = be16_to_cpu(entry.type);
-		len = HFSPLUS_MAX_STRLEN;
+		len = 3 * HFSPLUS_MAX_STRLEN;
 		err = hfsplus_uni2asc(sb, &fd.key->cat.name, strbuf, &len);
 		if (err)
 			goto out;
-- 
1.9.0