From: Sheng Yong Date: Mon, 7 Jan 2019 07:02:34 +0000 (+0800) Subject: f2fs: check if file namelen exceeds max value X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=720db068634c91553a8e1d9a0fcd8c7050e06d2b;p=openwrt%2Fstaging%2Fblogic.git f2fs: check if file namelen exceeds max value Dentry bitmap is not enough to detect incorrect dentries. So this patch also checks the namelen value of a dentry. Signed-off-by: Gong Chen Signed-off-by: Sheng Yong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim --- diff --git a/fs/f2fs/dir.c b/fs/f2fs/dir.c index 926166528cd4..ba7535399d95 100644 --- a/fs/f2fs/dir.c +++ b/fs/f2fs/dir.c @@ -814,7 +814,8 @@ int f2fs_fill_dentries(struct dir_context *ctx, struct f2fs_dentry_ptr *d, /* check memory boundary before moving forward */ bit_pos += GET_DENTRY_SLOTS(le16_to_cpu(de->name_len)); - if (unlikely(bit_pos > d->max)) { + if (unlikely(bit_pos > d->max || + le16_to_cpu(de->name_len) > F2FS_NAME_LEN)) { f2fs_msg(sbi->sb, KERN_WARNING, "%s: corrupted namelen=%d, run fsck to fix.", __func__, le16_to_cpu(de->name_len));