Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c6f89dfd authored by Kinglong Mee's avatar Kinglong Mee Committed by Jaegeuk Kim
Browse files

f2fs: sanity check of crc_offset from raw checkpoint 



The crc_offset towards or beyond the end of block is wrong,
sanity check it.

Signed-off-by: default avatarKinglong Mee <kinglongmee@gmail.com>
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
parent d03ba4cc

fs/f2fs/checkpoint.c

+1 −1
Original line number Diff line number Diff line
@@ -678,7 +678,7 @@ static int get_checkpoint_version(struct f2fs_sb_info *sbi, block_t cp_addr, 
	*cp_block = (struct f2fs_checkpoint *)page_address(*cp_page);



	crc_offset = le32_to_cpu((*cp_block)->checksum_offset);

	if (crc_offset >= blk_size) {

	if (crc_offset > (blk_size - sizeof(__le32))) {

		f2fs_msg(sbi->sb, KERN_WARNING,

			"invalid crc_offset: %zu", crc_offset);

		return -EINVAL;