Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 9ec33a9b8790c212cc926a88c5e2105f97f3f57e
commit9ec33a9b8790c212cc926a88c5e2105f97f3f57e[log] [tgz]
authorJan Kara <jack@suse.cz>Mon Oct 18 12:37:41 2021 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Fri Nov 12 13:18:02 2021 +0100
treebaf8b6c62fdfe28bb3aab162bda0be2741cfc2b4
parent7dca9fa41c185e2e43f6dbc211d366d3a77341d8 [diff]
isofs: Fix out of bound access for corrupted isofs image

commit e96a1866b40570b5950cda8602c2819189c62a48 upstream.

When isofs image is suitably corrupted isofs_read_inode() can read data
beyond the end of buffer. Sanity-check the directory entry length before
using it.

Reported-and-tested-by: syzbot+6fc7fb214625d82af7d1@syzkaller.appspotmail.com
CC: stable@vger.kernel.org
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: baf8b6c62fdfe28bb3aab162bda0be2741cfc2b4
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS