From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755253Ab1GNOxR (ORCPT ); Thu, 14 Jul 2011 10:53:17 -0400 Received: from 173-166-109-252-newengland.hfc.comcastbusiness.net ([173.166.109.252]:41533 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754696Ab1GNOxQ (ORCPT ); Thu, 14 Jul 2011 10:53:16 -0400 Date: Thu, 14 Jul 2011 10:53:13 -0400 From: Christoph Hellwig To: Naohiro Aota Cc: linux-fsdevel@vger.kernel.org, Christoph Hellwig , Eric Sandeen , Anton Salikhmetov , Al Viro , linux-kernel@vger.kernel.org Subject: Re: [PATCH] hfsplus: Add record offset check Message-ID: <20110714145313.GA16776@infradead.org> References: <87mxgku044.fsf@elisp.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87mxgku044.fsf@elisp.net> User-Agent: Mutt/1.5.21 (2010-09-15) X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c > index 2312de3..5c51d04 100644 > --- a/fs/hfsplus/brec.c > +++ b/fs/hfsplus/brec.c > @@ -43,6 +43,10 @@ u16 hfs_brec_keylen(struct hfs_bnode *node, u16 rec) > node->tree->node_size - (rec + 1) * 2); > if (!recoff) > return 0; > + if (recoff >= node->tree->node_size) { > + printk(KERN_ERR "hfs: recoff %d too large\n", recoff); > + return 0; > + } As non-obvious as it sounds 0 is indded the canonical error return from hfs_brec_keylen, so that patch looks good to me. Can you resend it with a better title and description mentioning better validatation of the on-disk structures?