From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jaegeuk Kim Subject: [PATCH 4.5 162/200] f2fs crypto: fix corrupted symlink in encrypted case Date: Mon, 2 May 2016 17:12:41 -0700 Message-Id: <20160503000559.906233218@linuxfoundation.org> In-Reply-To: <20160503000554.631204776@linuxfoundation.org> References: <20160503000554.631204776@linuxfoundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: 4.5-stable review patch. If anyone has any objections, please let me know. ------------------ From: Jaegeuk Kim commit c90e09f7fb498f81cd4e8bb6460d3a26ccebeca3 upstream. In the encrypted symlink case, we should check its corrupted symname after decrypting it. Otherwise, we can report -ENOENT incorrectly, if encrypted symname starts with '\0'. Signed-off-by: Jaegeuk Kim Signed-off-by: Greg Kroah-Hartman --- fs/f2fs/namei.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) --- a/fs/f2fs/namei.c +++ b/fs/f2fs/namei.c @@ -980,12 +980,6 @@ static const char *f2fs_encrypted_get_li } memcpy(cstr.name, sd->encrypted_path, cstr.len); - /* this is broken symlink case */ - if (unlikely(cstr.name[0] == 0)) { - res = -ENOENT; - goto errout; - } - if ((cstr.len + sizeof(struct f2fs_encrypted_symlink_data) - 1) > max_size) { /* Symlink data on the disk is corrupted */ @@ -1002,6 +996,12 @@ static const char *f2fs_encrypted_get_li kfree(cstr.name); + /* this is broken symlink case */ + if (unlikely(pstr.name[0] == 0)) { + res = -ENOENT; + goto errout; + } + paddr = pstr.name; /* Null-terminate the name */