[Devel] [PATCH RH9 2/2] dm-ploop: Add check to process_update_delta_index()
Kirill Tkhai
ktkhai at virtuozzo.com
Tue Nov 23 13:58:22 MSK 2021
Check that userspace-passed BAT entry does not refer
boyond end of file.
https://jira.sw.ru/browse/PSBM-129477
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
drivers/md/dm-ploop-cmd.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/md/dm-ploop-cmd.c b/drivers/md/dm-ploop-cmd.c
index 9d0c1cae935f..ffa816c04239 100644
--- a/drivers/md/dm-ploop-cmd.c
+++ b/drivers/md/dm-ploop-cmd.c
@@ -759,13 +759,15 @@ static void notify_delta_merged(struct ploop *ploop, u8 level,
static int process_update_delta_index(struct ploop *ploop, u8 level,
const char *map)
{
+ struct ploop_delta *delta = &ploop->deltas[level];
u32 clu, dst_clu, n;
int ret;
write_lock_irq(&ploop->bat_rwlock);
/* Check all */
while (sscanf(map, "%u:%u;%n", &clu, &dst_clu, &n) == 2) {
- if (clu >= ploop->nr_bat_entries)
+ if (clu >= delta->nr_be ||
+ dst_clu >= POS_TO_CLU(ploop, delta->file_size))
break;
if (ploop_bat_entries(ploop, clu, NULL, NULL) == BAT_ENTRY_NONE)
break;
More information about the Devel
mailing list