Re: [PATCH] isofs: bound Rock Ridge symlink components to the SL record
From: Michael Bommarito
Date: Sat Jun 06 2026 - 19:44:55 EST
On Sat, Jun 6, 2026 at 6:29 PM Bryam Vargas <hexlabsecurity@xxxxxxxxx> wrote:
> diff --git a/fs/isofs/rock.c b/fs/isofs/rock.c
> index 1232fab59a4e..0fe781381e66 100644
> --- a/fs/isofs/rock.c
> +++ b/fs/isofs/rock.c
> @@ -466,6 +466,9 @@ parse_rock_ridge_inode_internal(struct iso_directory_record *de,
> inode->i_size = symlink_len;
> while (slen > 1) {
> rootflag = 0;
> + /* keep the component within the SL record */
> + if (slp->len + 2 > slen)
> + break;
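Review bot: the break taken when slp->len + 2 > slen leaves the while (slen > 1) loop without recording that the SL record was malformed, so whatever symlink length was accumulated up to that point is kept and nothing reports the bad component. Consider failing the parse on this path (or at least logging it) rather than stopping quietly, and extend the comment to say what the "+ 2" accounts for so the bound can be checked against the component layout.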
Thanks for the CC. You beat me to filing this one!

Your patch is better than the one I never got around to submitting,
but one note I'd mention is that I returned NULL here instead of
breaking so that readlink() would fail with -EIO downstream. Maybe
I'm missing something elsewhere, but I think this design results in
silent truncation and a potentially confused caller who thinks the
symlink was successful.

Thanks,
Mike
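
Added example, not part of the original message or of the kernel source: a simplified user-space model of the SL component walk that contrasts the two policies discussed in this thread, stopping at the bad component versus rejecting the record. The function name, the policy enum, the reduced component layout and the sample records are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption): each component is
 * [flags][len][len bytes of text]; special flags are not modelled. */
enum sl_policy { SL_TRUNCATE, SL_REJECT };

/* Returns the symlink target length, or -1 when policy is SL_REJECT
 * and a component claims more bytes than the record holds. */
int sl_target_len(const uint8_t *rec, int slen, enum sl_policy policy)
{
    int total = 0;

    while (slen > 1) {
        int clen = rec[1];          /* component text length */

        if (clen + 2 > slen) {      /* component overruns the record */
            if (policy == SL_REJECT)
                return -1;          /* caller can surface an error */
            break;                  /* keep what was parsed so far */
        }
        total += clen;
        rec += clen + 2;
        slen -= clen + 2;
        if (slen > 1)
            total += 1;             /* '/' between components */
    }
    return total;
}

/* Constructed sample: "usr" then "bin", well formed. */
static const uint8_t good_rec[] = { 0, 3, 'u', 's', 'r', 0, 3, 'b', 'i', 'n' };
/* Constructed sample: "usr", then a component claiming 200 bytes
 * while only 3 remain in the record. */
static const uint8_t bad_rec[] = { 0, 3, 'u', 's', 'r', 0, 200, 'b', 'i', 'n' };

int main(void)
{
    printf("good:            %d\n",
           sl_target_len(good_rec, (int)sizeof good_rec, SL_REJECT));
    printf("bad, truncating: %d\n",
           sl_target_len(bad_rec, (int)sizeof bad_rec, SL_TRUNCATE));
    printf("bad, rejecting:  %d\n",
           sl_target_len(bad_rec, (int)sizeof bad_rec, SL_REJECT));
    return 0;
}
```

With the truncating policy the malformed record still yields a plausible non-zero length, which is the case a caller cannot tell apart from a valid short symlink.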