All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] fat: Don't allow to mount if the FAT length == 0
@ 2020-04-07 13:10 OGAWA Hirofumi
  0 siblings, 0 replies; only message in thread
From: OGAWA Hirofumi @ 2020-04-07 13:10 UTC (permalink / raw)
  To: Andrew Morton
  Cc: syzbot, Marco Elver, LKML, syzkaller-bugs, syzkaller, Dmitry Vyukov

If FAT length == 0, the image doesn't have any data. And it can be the
cause of overlapping the root dir and FAT entries.

Also Windows treats it as invalid format.

Reported-by: syzbot+6f1624f937d9d6911e2d@syzkaller.appspotmail.com
Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
---
 fs/fat/inode.c |    6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/fat/inode.c b/fs/fat/inode.c
index 71946da..bf8e04e 100644
--- a/fs/fat/inode.c	2020-04-07 21:55:27.001147223 +0900
+++ b/fs/fat/inode.c	2020-04-07 22:06:15.164098069 +0900
@@ -1520,6 +1520,12 @@ static int fat_read_bpb(struct super_blo
 		goto out;
 	}
 
+	if (bpb->fat_fat_length == 0 && bpb->fat32_length == 0) {
+		if (!silent)
+			fat_msg(sb, KERN_ERR, "bogus number of FAT sectors");
+		goto out;
+	}
+
 	error = 0;
 
 out:
_
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> writes:

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-04-07 13:10 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-07 13:10 [PATCH] fat: Don't allow to mount if the FAT length == 0 OGAWA Hirofumi

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.