shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-05 12:43:09 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
3f36595eb70c3bfda7c66763249799ba9ca0d4e0
linux/fs
History
Harshit Mogalapalli 4d7bc86ea5 cifs: potential buffer overflow in handling symlinks 
[ Upstream commit 64c4a37ac0 ]

Smatch printed a warning:
	arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:
	__memcpy() 'dctx->buf' too small (16 vs u32max)

It's caused because Smatch marks 'link_len' as untrusted since it comes
from sscanf(). Add a check to ensure that 'link_len' is not larger than
the size of the 'link_str' buffer.

Fixes: c69c1b6eae ("cifs: implement CIFSParseMFSymlink()")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-06-29 09:26:08 +09:00
..
9p
9P: Cast to loff_t before multiplying
2023-05-16 09:45:39 +09:00
adfs
fs/adfs: super: fix use-after-free bug
2023-05-15 14:09:05 +09:00
affs
affs: fix basic permission bits to actually work
2023-05-16 09:05:59 +09:00
afs
afs: Fix large file support
2023-05-15 16:47:08 +09:00
autofs4
autofs: fix a leak in autofs_expire_indirect()
2023-05-15 16:08:48 +09:00
befs
Merge tag 'befs-v4.9-rc1' of git://github.com/luisbg/linux-befs
2016-10-15 12:09:13 -07:00
bfs
bfs: add sanity check at bfs_fill_super()
2023-05-15 09:57:32 +09:00
btrfs
btrfs: unlock newly allocated extent buffer after error
2023-05-16 12:46:14 +09:00
cachefiles
cachefiles: Handle readpage error correctly
2023-05-16 09:45:46 +09:00
ceph
ceph: lockdep annotations for try_nonblocking_invalidate
2023-05-16 11:52:42 +09:00
cifs
cifs: potential buffer overflow in handling symlinks
2023-06-29 09:26:08 +09:00
coda
coda: add error handling for fget
2023-05-15 14:09:19 +09:00
configfs
configfs: fix a race in configfs_{,un}register_subsystem()
2023-05-16 12:43:46 +09:00
cramfs
Cramfs: fix abad comparison when wrap-arounds occur
2023-05-15 09:23:12 +09:00
crypto
fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
2023-05-16 09:44:26 +09:00
debugfs
debugfs: fix use-after-free on symlink traversal
2023-05-15 12:38:42 +09:00
devpts
fs/devpts: always delete dcache dentry-s in dput()
2023-05-15 12:05:59 +09:00
dlm
fs: dlm: filter user dlm messages for kernel locks
2023-05-16 12:32:06 +09:00
ecryptfs
Revert "ecryptfs: replace BUG_ON with error handling code"
2023-05-16 11:05:36 +09:00
efivarfs
efivarfs: revert "fix memory leak in efivarfs_create()"
2023-05-16 09:50:21 +09:00
efs
fs/efs/super.c: fix return value
2016-05-20 17:58:30 -07:00
exfat
Amlogic: sync the code from mainline. [1/1]
2020-02-04 13:48:58 +09:00
exofs
fs/exofs: fix potential memory leak in mount option parsing
2023-05-15 09:51:17 +09:00
exportfs
exportfs: fix 'passing zero to ERR_PTR()' warning
2023-05-15 16:42:45 +09:00
ext2
ext2: correct max file size computing
2023-06-29 09:26:03 +09:00
ext4
ext4: don't BUG if someone dirty pages without asking ext4 first
2023-06-29 09:26:05 +09:00
f2fs
f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
2023-05-16 11:04:00 +09:00
fat
fat: don't allow to mount if the FAT length == 0
2023-05-15 17:33:02 +09:00
freevxfs
freevxfs: update Kconfig information
2016-06-13 10:20:39 +02:00
fscache
fscache: fix race between enablement and dropping of object
2023-05-15 10:31:45 +09:00
fuse
fuse: fix live lock in fuse_iget()
2023-05-16 12:33:18 +09:00
gfs2
gfs2: Make sure FITRIM minlen is rounded up to fs block size
2023-06-29 09:26:06 +09:00
hfs
hfs: add lock nesting notation to hfs_find_init
2023-05-16 11:34:52 +09:00
hfsplus
hfsplus: fix crash and filesystem corruption when deleting files
2023-05-15 17:14:59 +09:00
hostfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-10 20:16:43 -07:00
hpfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-10 20:16:43 -07:00
hugetlbfs
hugetlbfs: hugetlb_fault_mutex_hash() cleanup
2023-05-16 11:11:10 +09:00
isofs
isofs: Fix out of bound access for corrupted isofs image
2023-05-16 12:02:36 +09:00
jbd2
jbd2: abort journal if free a async write error metadata buffer
2023-05-16 08:57:16 +09:00
jffs2
jffs2: fix memory leak in jffs2_scan_medium
2023-06-29 09:26:00 +09:00
jfs
jfs: prevent NULL deref in diFree
2023-06-29 09:26:08 +09:00
kernfs
kernfs: Fix range checks in kernfs_get_target_path
2023-05-15 15:09:25 +09:00
lockd
lockd: don't use interval-based rebinding over TCP
2023-05-16 09:57:34 +09:00
logfs
ANDROID: fs: logfs: fix filler function type
2018-03-02 13:27:29 -08:00
minix
fs/minix: reject too-large maximum file size
2023-05-16 08:47:27 +09:00
ncpfs
ncpfs: fix build warning of strncpy
2023-05-15 11:49:44 +09:00
nfs
NFS: remove unneeded check in decode_devicenotify_args()
2023-06-29 09:26:04 +09:00
nfs_common
nfs_common: need lock during iterate through the list
2023-05-16 09:58:02 +09:00
nfsd
NFSD: prevent underflow in nfssvc_decode_writeargs()
2023-06-29 09:26:00 +09:00
nilfs2
nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
2023-05-16 11:52:49 +09:00
nls
notify
fanotify: fix handling of events on child sub-directory
2023-05-15 11:16:44 +09:00
ntfs
ntfs: add sanity check on allocation size
2023-06-29 09:26:05 +09:00
ocfs2
ocfs2: fix data corruption on truncate
2023-05-16 12:08:58 +09:00
omfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-10 20:16:43 -07:00
openpromfs
fs: Replace CURRENT_TIME with current_time() for inode timestamps
2016-09-27 21:06:21 -04:00
orangefs
fs: orangefs: fix error return code of orangefs_revalidate_lookup()
2023-05-16 12:15:27 +09:00
overlayfs
ovl: fix missing negative dentry check in ovl_rename()
2023-05-16 12:00:17 +09:00
proc
proc/vmcore: fix clearing user buffer by properly using clear_user()
2023-05-16 12:21:08 +09:00
pstore
pstore/ram: Write new dumps to start of recycled zones
2023-05-15 16:32:06 +09:00
qnx4
qnx4: work around gcc false positive warning bug
2023-05-16 11:53:36 +09:00
qnx6
more trivial ->iterate_shared conversions
2016-05-09 11:41:14 -04:00
quota
quota: make dquot_quota_sync return errors from ->sync_fs
2023-05-16 12:42:55 +09:00
ramfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-10 20:16:43 -07:00
reiserfs
reiserfs: check directory items on read from disk
2023-05-16 11:36:04 +09:00
romfs
romfs: fix uninitialized memory leak in romfs_dev_read()
2023-05-16 08:54:39 +09:00
sdcardfs
sdcardfs: revert because compile fail [1/1]
2020-12-17 17:32:09 +09:00
squashfs
squashfs: fix divide error in calculate_skip()
2023-05-16 11:04:20 +09:00
sysfs
fs: sysfs_emit: Remove PAGE_SIZE alignment check
2023-05-16 12:46:30 +09:00
sysv
sysv: return 'err' instead of 0 in __sysv_write_inode
2023-05-15 10:31:02 +09:00
tracefs
tracefs: Set the group ownership in apply_options() not parse_options()
2023-05-16 12:43:55 +09:00
ubifs
ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
2023-06-29 09:26:06 +09:00
udf
udf: Fix NULL ptr deref when converting from inline format
2023-05-16 12:34:40 +09:00
ufs
fs/ufs: avoid potential u32 multiplication overflow
2023-05-16 08:48:37 +09:00
xfs
xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
2023-05-16 12:30:02 +09:00
aio.c
aio: fix spectre gadget in lookup_ioctx
2023-05-15 10:36:26 +09:00
anon_inodes.c
attr.c
ANDROID: vfs: Add permission2 for filesystems with per mount permissions
2017-01-31 10:47:22 -08:00
bad_inode.c
bad_inode: add missing i_op initializers
2017-01-09 08:32:24 +01:00
binfmt_aout.c
fs: fix binfmt_aout.c build error
2016-05-28 16:34:59 -07:00
binfmt_elf_fdpic.c
elf_fdpic_transfer_args_to_stack(): make it generic
2016-07-25 16:51:49 +10:00
binfmt_elf.c
fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
2023-05-15 17:30:19 +09:00
binfmt_em86.c
fs/binfmt_em86.c: fix incompatible pointer type
2016-08-02 19:35:15 -04:00
binfmt_flat.c
fs/binfmt_flat.c: make load_flat_shared_library() work
2023-05-15 13:55:59 +09:00
binfmt_misc.c
binfmt_misc: fix possible deadlock in bm_register_write
2023-05-16 10:47:44 +09:00
binfmt_script.c
exec: load_script: Do not exec truncated interpreter path
2023-05-15 14:54:58 +09:00
block_dev.c
bdev: Reduce time holding bd_mutex in sync in blkdev_close()
2023-05-16 09:16:10 +09:00
buffer.c
fs: Don't invalidate page buffers in block_write_full_page()
2023-05-16 09:45:07 +09:00
char_dev.c
chardev: add helper function to register char devs with a struct device
2023-05-15 17:27:22 +09:00
compat_binfmt_elf.c
binfmt_elf: compat: avoid unused function warning
2018-02-25 11:05:55 +01:00
compat_ioctl.c
fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP
2023-05-15 16:30:53 +09:00
compat.c
compat: remove compat_printk()
2016-09-27 21:20:53 -04:00
coredump.c
Merge 4.9.36 into android-4.9
2017-07-05 16:18:14 +02:00
dax.c
fs/dax.c: fix inefficiency in dax_writeback_mapping_range()
2018-02-28 10:18:33 +01:00
dcache.c
Hang/soft lockup in d_invalidate with simultaneous calls
2023-05-15 12:07:04 +09:00
dcookies.c
direct-io.c
fs: direct-io: fix missing sdio->boundary
2023-05-16 10:51:34 +09:00
drop_caches.c
fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
2023-05-15 11:50:41 +09:00
eventfd.c
eventfd: document lockless access in eventfd_poll
2016-03-22 15:36:02 -07:00
eventpoll.c
ep_create_wakeup_source(): dentry name can change under you...
2023-05-16 09:23:53 +09:00
exec.c
vfs: check fd has read access in kernel_read_file_from_fd()
2023-05-16 12:01:25 +09:00
fcntl.c
fs/fcntl: f_setown, avoid undefined behaviour
2018-01-31 12:55:52 +01:00
fhandle.c
fs/coredump: prevent fsuid=0 dumps into user-controlled directories
2016-03-22 15:36:02 -07:00
file_table.c
fs: add fget_many() and fput_many()
2023-05-16 12:21:36 +09:00
file.c
fget: clarify and improve __fget_files() implementation
2023-05-16 12:44:06 +09:00
filesystems.c
find_filesystem(): simplify comparison
2016-01-19 12:02:23 -05:00
fs_pin.c
fs_struct.c
ANDROID: fs: Export free_fs_struct and set_fs_pwd
2017-01-31 15:46:26 -08:00
fs-writeback.c
writeback: fix obtain a reference to a freeing memcg css
2023-05-16 11:24:17 +09:00
inode.c
futex: Fix inode life-time issue
2023-05-15 17:11:10 +09:00
internal.h
Merge 4.9.51 into android-4.9
2017-09-20 09:59:51 +02:00
ioctl.c
vfs: cap dedupe request structure size at PAGE_SIZE
2016-09-15 13:29:52 -07:00
iomap.c
iomap: fix integer truncation issues in the zeroing and dirtying helpers
2017-09-20 08:19:59 +02:00
Kconfig
fs: add exfat file system support
2017-09-26 00:32:37 -07:00
Kconfig.binfmt
ARM: 8594/1: enable binfmt_flat on systems with an MMU
2016-08-12 16:47:05 +01:00
libfs.c
libfs: fix error cast of negative value in simple_attr_write()
2023-05-16 09:49:21 +09:00
locks.c
locks: print unsigned ino in /proc/locks
2023-05-15 16:30:25 +09:00
Makefile
fs: add exfat file system support
2017-09-26 00:32:37 -07:00
mbcache.c
mbcache: initialize entry->e_referenced in mb_cache_entry_create()
2018-02-22 15:43:48 +01:00
mount.h
mnt: In propgate_umount handle visiting mounts in any order
2017-07-21 07:42:22 +02:00
mpage.c
mm: optimize stack usage for functions [1/1]
2018-12-17 17:21:59 +08:00
namei.c
namei: only return -ECHILD from follow_dotdot_rcu()
2023-05-15 17:02:00 +09:00
namespace.c
fs: warn about impending deprecation of mandatory locks
2023-05-16 11:42:38 +09:00
no-block.c
nsfs.c
nsfs: mark dentry with DCACHE_RCUACCESS
2018-02-17 13:21:15 +01:00
open.c
cifs_atomic_open(): fix double-put on late allocation failure
2023-05-15 17:09:26 +09:00
pipe.c
pipe: increase minimum default pipe size to 2 pages
2023-05-16 11:35:56 +09:00
pnode.c
propagate_one(): mnt_set_mountpoint() needs mount_lock
2023-05-15 17:24:29 +09:00
pnode.h
mnt: Tuck mounts under others instead of creating shadow/side mounts.
2017-03-15 02:21:16 +00:00
posix_acl.c
tmpfs: clear S_ISGID when setting posix ACLs
2017-01-26 08:24:37 +01:00
proc_namespace.c
ANDROID: vfs: Allow filesystems to access their private mount data
2017-01-31 10:47:20 -08:00
read_write.c
fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock
2023-05-15 13:41:13 +09:00
readdir.c
filldir[64]: remove WARN_ON_ONCE() for bad directory entries
2023-05-15 16:21:37 +09:00
select.c
kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data()
2023-05-16 10:48:22 +09:00
seq_file.c
seq_file: disallow extremely large seq buffer allocations
2023-05-16 11:28:00 +09:00
signalfd.c
signalfd: use wake_up_pollfree()
2023-05-16 12:22:18 +09:00
splice.c
fs: prevent page refcount overflow in pipe_buf_get
2023-05-15 13:40:35 +09:00
stack.c
stat.c
ufs: restore maintaining ->i_blocks
2017-06-14 15:06:01 +02:00
statfs.c
super.c
vfs: make freeze_super abort when sync_filesystem returns error
2023-05-16 12:42:54 +09:00
sync.c
ANDROID: sched: add a counter to track fsync
2017-03-14 13:16:06 -07:00
timerfd.c
timerfd: Protect the might cancel mechanism proper
2017-05-08 07:47:54 +02:00
userfaultfd.c
userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
2023-05-15 14:21:05 +09:00
utimes.c
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
2017-01-31 10:47:21 -08:00
xattr.c
xattr: break delegations in {set,remove}xattr
2023-05-16 08:45:19 +09:00