[PATCH 1/3] erofs-utils: lib: fix potential out-of-bound in xattr_entrylist()

Jingbo Xu jefflexu at linux.alibaba.com
Tue Aug 15 19:15:19 AEST 2023


Check the index before accessing array to avoid the potential
out-of-bound access.

Fixes: c47df5aa2d16 ("erofs-utils: fuse: introduce xattr support")
Signed-off-by: Jingbo Xu <jefflexu at linux.alibaba.com>
---
 lib/xattr.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/xattr.c b/lib/xattr.c
index 12f580e..2548750 100644
--- a/lib/xattr.c
+++ b/lib/xattr.c
@@ -1229,11 +1229,14 @@ static int xattr_entrylist(struct xattr_iter *_it,
 {
 	struct listxattr_iter *it =
 		container_of(_it, struct listxattr_iter, it);
+	unsigned int base_index = entry->e_name_index;
 	unsigned int prefix_len;
 	const char *prefix;
 
-	prefix = xattr_types[entry->e_name_index].prefix;
-	prefix_len = xattr_types[entry->e_name_index].prefix_len;
+	if (base_index >= ARRAY_SIZE(xattr_types))
+		return 1;
+	prefix = xattr_types[base_index].prefix;
+	prefix_len = xattr_types[base_index].prefix_len;
 
 	if (!it->buffer) {
 		it->buffer_ofs += prefix_len + entry->e_name_len + 1;
-- 
2.19.1.6.gb485710b



More information about the Linux-erofs mailing list