From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by oss.sgi.com (8.14.3/8.14.3/SuSE Linux 0.8) with ESMTP id pAKFZXmr163617 for ; Sun, 20 Nov 2011 09:35:34 -0600 Received: from bombadil.infradead.org (localhost [127.0.0.1]) by cuda.sgi.com (Spam Firewall) with ESMTP id 3B49A26611B for ; Sun, 20 Nov 2011 07:35:32 -0800 (PST) Received: from bombadil.infradead.org (173-166-109-252-newengland.hfc.comcastbusiness.net [173.166.109.252]) by cuda.sgi.com with ESMTP id dDgKRH4tGgCr9DRA for ; Sun, 20 Nov 2011 07:35:32 -0800 (PST) Received: from hch by bombadil.infradead.org with local (Exim 4.76 #1 (Red Hat Linux)) id 1RS9Qa-00070k-9D for xfs@oss.sgi.com; Sun, 20 Nov 2011 15:35:32 +0000 Date: Sun, 20 Nov 2011 10:35:32 -0500 From: Christoph Hellwig Subject: [PATCH] xfs: validate acl count Message-ID: <20111120153532.GA26918@infradead.org> MIME-Version: 1.0 Content-Disposition: inline List-Id: XFS Filesystem from SGI List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xfs-bounces@oss.sgi.com Errors-To: xfs-bounces@oss.sgi.com To: xfs@oss.sgi.com This prevents in-memory corruption and possible panics if the on-disk ACL is badly corrupted. Signed-off-by: Christoph Hellwig Index: xfs/fs/xfs/xfs_acl.c =================================================================== --- xfs.orig/fs/xfs/xfs_acl.c 2011-11-20 12:49:11.181244706 +0100 +++ xfs/fs/xfs/xfs_acl.c 2011-11-20 12:49:50.637697619 +0100 @@ -42,6 +42,8 @@ xfs_acl_from_disk(struct xfs_acl *aclp) int count, i; count = be32_to_cpu(aclp->acl_cnt); + if (count > XFS_ACL_MAX_ENTRIES) + return ERR_PTR(-EFSCORRUPTED); acl = posix_acl_alloc(count, GFP_KERNEL); if (!acl) _______________________________________________ xfs mailing list xfs@oss.sgi.com http://oss.sgi.com/mailman/listinfo/xfs