xfs
[Top] [All Lists]

[PATCH] xfs: validate acl count

To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfs: validate acl count
From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date: Sun, 20 Nov 2011 10:35:32 -0500
User-agent: Mutt/1.5.21 (2010-09-15)
This prevents in-memory corruption and possible panics if the on-disk
ACL is badly corrupted.

Signed-off-by: Christoph Hellwig <hch@xxxxxx>

Index: xfs/fs/xfs/xfs_acl.c
===================================================================
--- xfs.orig/fs/xfs/xfs_acl.c   2011-11-20 12:49:11.181244706 +0100
+++ xfs/fs/xfs/xfs_acl.c        2011-11-20 12:49:50.637697619 +0100
@@ -42,6 +42,8 @@ xfs_acl_from_disk(struct xfs_acl *aclp)
        int count, i;
 
        count = be32_to_cpu(aclp->acl_cnt);
+       if (count > XFS_ACL_MAX_ENTRIES)
+               return ERR_PTR(-EFSCORRUPTED);
 
        acl = posix_acl_alloc(count, GFP_KERNEL);
        if (!acl)

<Prev in Thread] Current Thread [Next in Thread>