sst-linux/fs
Simon Tatham 6387243bfe affs: don't write overlarge OFS data block size fields
[ Upstream commit 011ea742a25a77bac3d995f457886a67d178c6f0 ]

If a data sector on an OFS floppy contains a value > 0x1e8 (the
largest amount of data that fits in the sector after its header), then
an Amiga reading the file can return corrupt data, by taking the
overlarge size at its word and reading past the end of the buffer it
read the disk sector into!

The cause: when affs_write_end_ofs() writes data to an OFS filesystem,
the new size field for a data block was computed by adding the amount
of data currently being written (into the block) to the existing value
of the size field. This is correct if you're extending the file at the
end, but if you seek backwards in the file and overwrite _existing_
data, it can lead to the size field being larger than the maximum
legal value.

This commit changes the calculation so that it sets the size field to
the max of its previous size and the position within the block that we
just wrote up to.

Signed-off-by: Simon Tatham <anakin@pobox.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-04-10 14:33:38 +02:00
9p fs/9p: fix uninitialized values during inode evict 2024-11-22 15:37:34 +01:00
adfs
affs affs: don't write overlarge OFS data block size fields 2025-04-10 14:33:38 +02:00
afs afs: Fix the server_list to unuse a displaced server rather than putting it 2025-03-07 16:56:43 +01:00
autofs
befs
bfs
btrfs btrfs: fix hole expansion when writing at an offset beyond EOF 2025-02-21 13:50:06 +01:00
cachefiles cachefiles: Fix NULL pointer dereference in object->file 2025-02-21 13:49:54 +01:00
ceph ceph: give up on paths longer than PATH_MAX 2025-01-17 13:34:36 +01:00
coda
configfs
cramfs
crypto fs: Create a generic is_dot_dotdot() utility 2024-10-17 15:21:17 +02:00
debugfs
devpts
dlm
ecryptfs fs: Create a generic is_dot_dotdot() utility 2024-10-17 15:21:17 +02:00
efivarfs efivarfs: Fix error on non-existent file 2024-12-27 13:52:55 +01:00
efs
erofs erofs: handle NONHEAD !delta[1] lclusters gracefully 2025-01-23 17:17:17 +01:00
exfat exfat: fix the infinite loop in exfat_find_last_cluster() 2025-04-10 14:33:37 +02:00
exportfs
ext2 ext2: Verify bitmap and itable block numbers before using them 2024-08-03 08:49:32 +02:00
ext4 ext4: fix access to uninitialised lock in fc replay path 2025-02-01 18:30:10 +01:00
f2fs f2fs: fix to wait dio completion 2025-02-21 13:50:12 +01:00
fat fat: fix uninitialized variable 2024-10-22 15:56:43 +02:00
freevxfs
fscache netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING 2024-12-14 19:53:15 +01:00
fuse fuse: fix dax truncate/punch_hole fault path 2025-04-10 14:33:36 +02:00
gfs2 gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag 2025-02-01 18:30:09 +01:00
hfs hfs: Sanity check the root record 2025-01-23 17:17:11 +01:00
hfsplus hfsplus: don't query the device logical block size multiple times 2024-12-14 19:53:16 +01:00
hostfs
hpfs
hugetlbfs mm/hugetlb: add hugetlb_folio_subpool() helpers 2024-05-17 11:55:51 +02:00
iomap iomap: avoid avoid truncating 64-bit offset to 32 bits 2025-01-23 17:17:12 +01:00
isofs isofs: fix KMSAN uninit-value bug in do_isofs_readdir() 2025-04-10 14:33:35 +02:00
jbd2 jbd2: flush filesystem device before updating tail sequence 2025-01-17 13:34:37 +01:00
jffs2 jffs2: Fix rtime decompressor 2024-12-14 19:54:52 +01:00
jfs jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree 2024-12-14 19:54:43 +01:00
kernfs kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files 2024-08-29 17:30:35 +02:00
lockd nfsd: stop setting ->pg_stats for unused stats 2024-08-19 06:00:04 +02:00
minix
netfs
nfs NFSv4: Don't trigger uneccessary scans for return-on-close delegations 2025-04-10 14:33:36 +02:00
nfs_common
nfsd NFSD: fix hang in nfsd4_shutdown_callback 2025-02-21 13:49:56 +01:00
nilfs2 nilfs2: handle errors that nilfs_prepare_chunk() may return 2025-03-13 12:53:25 +01:00
nls
notify fsnotify: fix sending inotify event with unexpected filename 2024-12-14 19:53:59 +01:00
ntfs
ntfs3 fs/ntfs3: Fix a couple integer overflows on 32bit systems 2025-04-10 14:33:36 +02:00
ocfs2 ocfs2: validate l_tree_depth to avoid out-of-bounds access 2025-04-10 14:33:36 +02:00
omfs
openpromfs openpromfs: finish conversion to the new mount API 2024-06-12 11:03:03 +02:00
orangefs orangefs: fix a oob in orangefs_debug_write 2025-02-21 13:50:00 +01:00
overlayfs ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up 2025-03-07 16:56:42 +01:00
proc fs/procfs: fix the comment above proc_pid_wchan() 2025-04-10 14:33:37 +02:00
pstore pstore/blk: trivial typo fixes 2025-02-21 13:48:53 +01:00
qnx4
qnx6
quota quota: flush quota_release_work upon quota writeback 2024-12-14 19:54:10 +01:00
ramfs
reiserfs reiserfs: fix uninit-value in comp_keys 2024-08-29 17:30:20 +02:00
romfs
smb ksmbd: fix multichannel connection failure 2025-04-10 14:33:37 +02:00
squashfs Squashfs: check the inode number is not the invalid value of zero 2025-03-07 16:56:51 +01:00
sysfs fs: sysfs: Fix reference leak in sysfs_break_active_protection() 2024-04-27 17:07:16 +02:00
sysv sysv: don't call sb_bread() with pointers_lock held 2024-04-13 13:05:05 +02:00
tracefs
ubifs ubifs: skip dumping tnc tree when zroot is null 2025-02-21 13:49:21 +01:00
udf udf: Fix directory iteration for longer tail extents 2024-12-27 13:53:01 +01:00
ufs
unicode Revert "unicode: Don't special case ignorable code points" 2024-12-14 19:54:50 +01:00
vboxsf vboxsf: fix building with GCC 15 2025-03-28 21:58:51 +01:00
verity
xfs xfs: give xfs_extfree_intent its own perag reference 2025-03-28 21:59:02 +01:00
zonefs
aio.c fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion 2024-04-03 15:19:42 +02:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_elf_fdpic.c fs: binfmt_elf_efpic: don't use missing interpreter's properties 2024-08-29 17:30:35 +02:00
binfmt_elf_test.c
binfmt_elf.c ELF: fix kernel.randomize_va_space double read 2024-09-12 11:10:19 +02:00
binfmt_flat.c binfmt_flat: Fix integer overflow bug on 32 bit systems 2025-02-21 13:49:39 +01:00
binfmt_misc.c binfmt_misc: cleanup on filesystem umount 2024-08-29 17:30:30 +02:00
binfmt_script.c
buffer.c
char_dev.c
compat_binfmt_elf.c
coredump.c
d_path.c
dax.c fsdax: dax_unshare_iter needs to copy entire blocks 2024-11-08 16:26:42 +01:00
dcache.c fs: better handle deep ancestor chains in is_subdir() 2024-07-25 09:49:18 +02:00
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c epoll: Add synchronous wakeup support for ep_poll_callback 2024-12-27 13:53:01 +01:00
exec.c exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case 2025-02-21 13:49:29 +01:00
fcntl.c fs: Fix file_set_fowner LSM hook inconsistencies 2024-10-17 15:21:23 +02:00
fhandle.c do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak 2024-03-26 18:20:27 -04:00
file_table.c fs: fix proc_handler for sysctl_nr_open 2025-02-21 13:48:53 +01:00
file.c fs: fix missing declaration of init_files 2025-01-23 17:17:11 +01:00
filesystems.c
fs_context.c
fs_parser.c
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
fsopen.c
init.c
inode.c fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name 2024-12-14 19:53:13 +01:00
internal.h
ioctl.c
Kconfig
Kconfig.binfmt
kernel_read_file.c
libfs.c
locks.c filelock: Fix fcntl/close race recovery compat path 2024-07-27 11:32:19 +02:00
Makefile
mbcache.c
mount.h
mpage.c
namei.c fuse: don't truncate cached, mutated symlink 2025-03-28 21:58:53 +01:00
namespace.c mount: handle OOM on mnt_warn_timestamp_expiry 2024-10-17 15:20:37 +02:00
no-block.c
nsfs.c
open.c openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) 2024-11-01 01:56:06 +01:00
pipe.c fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() 2024-04-10 16:28:30 +02:00
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
remap_range.c
select.c hrtimer: Use and report correct timerslack values for realtime tasks 2025-03-28 21:58:48 +01:00
seq_file.c
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c fs: don't allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT 2024-08-03 08:49:53 +02:00
sync.c
sysctls.c
timerfd.c
userfaultfd.c Fix userfaultfd_api to return EINVAL as expected 2024-07-18 13:18:41 +02:00
utimes.c
xattr.c