OpenCloudOS-Kernel/fs/jfs
Jeongjun Park c1ba4b8ca7 jfs: fix out-of-bounds in dbNextAG() and diAlloc()
[ Upstream commit e63866a475562810500ea7f784099bfe341e761a ]

In dbNextAG(), there is no check for the case where bmp->db_numag is
greater than or equal to MAXAG due to a polluted image, which causes an
out-of-bounds. Therefore, a bounds check should be added in dbMount().

And in dbNextAG(), a check for the case where agpref is greater than
bmp->db_numag should be added, so an out-of-bounds exception should be
prevented.

Additionally, a check for the case where agno is greater than or equal to
MAXAG should be added in diAlloc() to prevent out-of-bounds.

Reported-by: Jeongjun Park <aha310510@gmail.com>
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Jeongjun Park <aha310510@gmail.com>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-10-04 16:29:10 +02:00
Kconfig 22 smb3/cifs client fixes and two related changes (for unicode mapping) 2023-08-30 21:01:40 -07:00
Makefile fs/jfs: Use common ucs2 upper case table 2023-08-30 08:55:52 -05:00
acl.c jfs: convert to ctime accessor functions 2023-07-24 10:30:01 +02:00
file.c splice: Use filemap_splice_read() instead of generic_file_splice_read() 2023-05-24 08:42:17 -06:00
inode.c jfs: convert to ctime accessor functions 2023-07-24 10:30:01 +02:00
ioctl.c jfs: convert to ctime accessor functions 2023-07-24 10:30:01 +02:00
jfs_acl.h fs: port ->set_acl() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
jfs_btree.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_debug.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
jfs_debug.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_dinode.h jfs: define xtree root and page independently 2024-08-29 17:33:42 +02:00
jfs_discard.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_discard.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_dmap.c jfs: fix out-of-bounds in dbNextAG() and diAlloc() 2024-10-04 16:29:10 +02:00
jfs_dmap.h jfs: Fix array index bounds check in dbAdjTree 2020-11-13 16:03:07 -06:00
jfs_dtree.c jfs: fix null ptr deref in dtInsertEntry 2024-08-19 06:04:30 +02:00
jfs_dtree.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_extent.c jfs: validate max amount of blocks before allocation. 2023-08-29 12:25:47 -05:00
jfs_extent.h jfs: remove unused declarations for jfs 2022-10-18 08:50:26 -05:00
jfs_filsys.h jfs: jfs_dmap: Validate db_l2nbperpage while mounting 2023-06-20 12:37:50 -05:00
jfs_imap.c jfs: fix out-of-bounds in dbNextAG() and diAlloc() 2024-10-04 16:29:10 +02:00
jfs_imap.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_incore.h jfs: define xtree root and page independently 2024-08-29 17:33:42 +02:00
jfs_inode.c jfs: convert to ctime accessor functions 2023-07-24 10:30:01 +02:00
jfs_inode.h fs: port ->fileattr_set() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
jfs_lock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_logmgr.c jfs: fix log->bdev_handle null ptr deref in lbmStartIO 2024-08-19 06:04:25 +02:00
jfs_logmgr.h jfs: Convert to bdev_open_by_dev() 2024-08-19 06:04:25 +02:00
jfs_metapage.c mm,jfs: move write_one_page/folio_write_one to jfs 2023-03-12 20:00:42 -04:00
jfs_metapage.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_mount.c jfs: Convert to bdev_open_by_dev() 2024-08-19 06:04:25 +02:00
jfs_superblock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_txnmgr.c jfs: define xtree root and page independently 2024-08-29 17:33:42 +02:00
jfs_txnmgr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_types.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_umount.c jfs: Fix a typo in function jfs_umount 2022-11-10 15:08:00 -06:00
jfs_unicode.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_unicode.h fs/jfs: Use common ucs2 upper case table 2023-08-30 08:55:52 -05:00
jfs_xattr.h fs/jfs/jfs_xattr.h: Fix spelling typo in comment 2022-10-18 08:50:26 -05:00
jfs_xtree.c jfs: define xtree root and page independently 2024-08-29 17:33:42 +02:00
jfs_xtree.h jfs: define xtree root and page independently 2024-08-29 17:33:42 +02:00
namei.c A few small fixes 2023-08-31 15:25:01 -07:00
resize.c jfs: use sb_bdev_nr_blocks 2021-10-18 14:43:23 -06:00
super.c quota: Properly annotate i_dquot arrays with __rcu 2024-03-26 18:19:46 -04:00
symlink.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
xattr.c jfs: don't walk off the end of ealist 2024-07-27 11:34:08 +02:00