[lvc-project] [PATCH 6.1.y] fs/ntfs3: Fixed overflow check in mi_enum_attr()
Nikita Zhandarovich
n.zhandarovich at fintech.ru
Sat Nov 30 18:58:25 MSK 2024
From: Konstantin Komarov <almaz.alexandrovich at paragon-software.com>
[ Upstream commit 652cfeb43d6b9aba5c7c4902bed7a7340df131fb ]
Reported-by: Robert Morris <rtm at csail.mit.edu>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich at paragon-software.com>
[Nikita: Fix for CVE-2024-27407 in 6.1.y. No changes were made
to get it to apply to older branch.]
Signed-off-by: Nikita Zhandarovich <n.zhandarovich at fintech.ru>
---
fs/ntfs3/record.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ntfs3/record.c b/fs/ntfs3/record.c
index 7ab452710572..826a756669a3 100644
--- a/fs/ntfs3/record.c
+++ b/fs/ntfs3/record.c
@@ -273,7 +273,7 @@ struct ATTRIB *mi_enum_attr(struct mft_inode *mi, struct ATTRIB *attr)
if (t16 > asize)
return NULL;
- if (t16 + le32_to_cpu(attr->res.data_size) > asize)
+ if (le32_to_cpu(attr->res.data_size) > asize - t16)
return NULL;
if (attr->name_len &&
--
2.25.1
More information about the lvc-project
mailing list