All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] f2fs: fix off-by-one error in nat journal entries check
@ 2023-01-14 13:19 Daniel Axtens
  2023-01-17 16:51 ` Daniel Kiper
  0 siblings, 1 reply; 2+ messages in thread
From: Daniel Axtens @ 2023-01-14 13:19 UTC (permalink / raw)
  To: grub-devel
  Cc: sudhakar, steve, list, Daniel Axtens,
	программист
	нект

Oops. You're allowed to have up to n = NAT_JOURNAL_ENTRIES entries
_inclusive_, because the loop below uses i < n, not i <= n. D'oh.

Fixes: 4bd9877f6216 ("fs/f2fs: Do not read past the end of nat journal entries")
Reported-by: программист нект <programmer11180@programist.ru>
Tested-by: программист нект <programmer11180@programist.ru>
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
 grub-core/fs/f2fs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/fs/f2fs.c b/grub-core/fs/f2fs.c
index df6beb544cbd..855e24618c2b 100644
--- a/grub-core/fs/f2fs.c
+++ b/grub-core/fs/f2fs.c
@@ -650,7 +650,7 @@ get_blkaddr_from_nat_journal (struct grub_f2fs_data *data, grub_uint32_t nid,
   grub_uint16_t n = grub_le_to_cpu16 (data->nat_j.n_nats);
   grub_uint16_t i;
 
-  if (n >= NAT_JOURNAL_ENTRIES)
+  if (n > NAT_JOURNAL_ENTRIES)
     return grub_error (GRUB_ERR_BAD_FS,
                        "invalid number of nat journal entries");
 
-- 
2.25.1



^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] f2fs: fix off-by-one error in nat journal entries check
  2023-01-14 13:19 [PATCH] f2fs: fix off-by-one error in nat journal entries check Daniel Axtens
@ 2023-01-17 16:51 ` Daniel Kiper
  0 siblings, 0 replies; 2+ messages in thread
From: Daniel Kiper @ 2023-01-17 16:51 UTC (permalink / raw)
  To: Daniel Axtens
  Cc: grub-devel, sudhakar, steve, list,
	программист
	нект

On Sun, Jan 15, 2023 at 12:19:50AM +1100, Daniel Axtens wrote:
> Oops. You're allowed to have up to n = NAT_JOURNAL_ENTRIES entries
> _inclusive_, because the loop below uses i < n, not i <= n. D'oh.
>
> Fixes: 4bd9877f6216 ("fs/f2fs: Do not read past the end of nat journal entries")
> Reported-by: программист нект <programmer11180@programist.ru>
> Tested-by: программист нект <programmer11180@programist.ru>
> Signed-off-by: Daniel Axtens <dja@axtens.net>

Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Daniel


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-01-17 17:08 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-14 13:19 [PATCH] f2fs: fix off-by-one error in nat journal entries check Daniel Axtens
2023-01-17 16:51 ` Daniel Kiper

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.