projects / openwrt / staging / blogic.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8844618) | patch
ext4: verify the depth of extent tree in ext4_find_extent()
authorTheodore Ts'o <tytso@mit.edu>
Thu, 14 Jun 2018 16:55:10 +0000 (12:55 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Thu, 14 Jun 2018 16:55:10 +0000 (12:55 -0400)
commitbc890a60247171294acc0bd67d211fa4b88d40ba
treecb1aeb05ac0a8eb30f12d49c68da6f1a65187bc2tree | snapshot
parent8844618d8aa7a9973e7b527d038a2a589665002ccommit | diff
ext4: verify the depth of extent tree in ext4_find_extent()

If there is a corupted file system where the claimed depth of the
extent tree is -1, this can cause a massive buffer overrun leading to
sadness.

This addresses CVE-2018-10877.

https://bugzilla.kernel.org/show_bug.cgi?id=199417

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
fs/ext4/ext4_extents.h diff | blob | history
fs/ext4/extents.c diff | blob | history
John Crispins staging tree