[PATCH] erofs-utils: fix random data in shared xattrs

Gao Xiang hsiangkao at redhat.com
Fri Nov 27 20:07:32 AEDT 2020


On Fri, Nov 27, 2020 at 04:33:34PM +0800, Huang Jianan wrote:
> There will be holes between xattr entry after EROFS_XATTR_ALIGN, so
> we should clear shared xattrs buff to avoid random data.
> 
> Signed-off-by: Huang Jianan <huangjianan at oppo.com>
> Signed-off-by: Guo Weichao <guoweichao at oppo.com>
> ---

Looks good,
Reviewed-by: Gao Xiang <hsiangkao at redhat.com>

It's mandatory for reproducable build. Also, need to
fix the bufops out-of-bound access as well (Will check
this weekend).

Thanks,
Gao Xiang

>  lib/xattr.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/xattr.c b/lib/xattr.c
> index 1ce3fb3..f9ec78c 100644
> --- a/lib/xattr.c
> +++ b/lib/xattr.c
> @@ -547,7 +547,7 @@ int erofs_build_shared_xattrs_from_path(const char *path)
>         if (!shared_xattrs_size)
>                 goto out;
> 
> -       buf = malloc(shared_xattrs_size);
> +       buf = calloc(1, shared_xattrs_size);
>         if (!buf)
>                 return -ENOMEM;
> 
> --
> 2.25.1
> 
> ________________________________
> OPPO
> 
> 本电子邮件及其附件含有OPPO公司的保密信息,仅限于邮件指明的收件人使用(包含个人及群组)。禁止任何人在未经授权的情况下以任何形式使用。如果您错收了本邮件,请立即以电子邮件通知发件人并删除本邮件及其附件。
> 
> This e-mail and its attachments contain confidential information from OPPO, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!
> 



More information about the Linux-erofs mailing list