linux

History

Jeongjun Park 2d8636119b exfat: fix out-of-bounds in exfat_nls_to_ucs2() Since the len argument value passed to exfat_ioctl_set_volume_label() from exfat_nls_to_utf16() is passed 1 too large, an out-of-bounds read occurs when dereferencing p_cstring in exfat_nls_to_ucs2() later. And because of the NLS_NAME_OVERLEN macro, another error occurs when creating a file with a period at the end using utf8 and other iocharsets. So to avoid this, you should remove the code that uses NLS_NAME_OVERLEN macro and make the len argument value be the length of the label string, but with a maximum length of FSLABEL_MAX - 1. Reported-by: syzbot+98cc76a76de46b3714d4@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=98cc76a76de46b3714d4 Fixes: `d01579d590` ("exfat: Add support for FS_IOC_{GET,SET}FSLABEL") Suggested-by: Pali Rohár <pali@kernel.org> Signed-off-by: Jeongjun Park <aha310510@gmail.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>		2025-10-15 17:53:20 +09:00
..
Kconfig	fs: add CONFIG_BUFFER_HEAD	2023-08-02 09:13:09 -06:00
Makefile	…
balloc.c	exfat: optimize allocation bitmap loading time	2025-09-30 13:34:43 +09:00
cache.c	move asm/unaligned.h to linux/unaligned.h	2024-10-02 17:23:23 -04:00
dir.c	exfat: Add support for FS_IOC_{GET,SET}FSLABEL	2025-09-30 13:49:31 +09:00
exfat_fs.h	exfat: fix out-of-bounds in exfat_nls_to_ucs2()	2025-10-15 17:53:20 +09:00
exfat_raw.h	exfat: Add support for FS_IOC_{GET,SET}FSLABEL	2025-09-30 13:49:31 +09:00
fatent.c	exfat: limit log print for IO error	2025-09-30 13:34:42 +09:00
file.c	exfat: fix out-of-bounds in exfat_nls_to_ucs2()	2025-10-15 17:53:20 +09:00
inode.c	exfat: drop redundant conversion to bool	2025-09-30 13:34:43 +09:00
misc.c	exfat: convert to new timestamp accessors	2023-10-18 13:26:21 +02:00
namei.c	exfat: fix out-of-bounds in exfat_nls_to_ucs2()	2025-10-15 17:53:20 +09:00
nls.c	exfat: fix out-of-bounds in exfat_nls_to_ucs2()	2025-10-15 17:53:20 +09:00
super.c	exfat: combine iocharset and utf8 option setup	2025-09-30 13:41:22 +09:00