[PATCH v2 2/5] ext4: fsmap: Check fmh_iflags value directly on the user copied data

From: Tudor Ambarus
Date: Wed Mar 15 2023 - 07:21:23 EST


struct ext4_fsmap_head is the ext4 internal fsmap representation of
struct fsmap_head. As the code was, the fmh_iflags validation was done
on the fmh_iflags value of the internal fsmap representation. Since
xhead.fmh_iflags is initialized with head.fmh_iflags and not changed
afterwards, do the validation of fmh_iflags directly on fsmap_head data;
it spares some superfluous initializations in case the user provides a
wrong value for fmh_iflags.

Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxx>
---
v2: new patch

fs/ext4/fsmap.c | 2 --
fs/ext4/ioctl.c | 2 ++
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/fsmap.c b/fs/ext4/fsmap.c
index cdf9bfe10137..7765293bfa5d 100644
--- a/fs/ext4/fsmap.c
+++ b/fs/ext4/fsmap.c
@@ -635,8 +635,6 @@ int ext4_getfsmap(struct super_block *sb, struct ext4_fsmap_head *head,
int i;
int error = 0;

- if (head->fmh_iflags & ~FMH_IF_VALID)
- return -EINVAL;
if (!ext4_getfsmap_is_valid_device(sb, &head->fmh_keys[0]) ||
!ext4_getfsmap_is_valid_device(sb, &head->fmh_keys[1]))
return -EINVAL;
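Review bot: with the `head->fmh_iflags & ~FMH_IF_VALID` test dropped from the top of ext4_getfsmap(), the function no longer rejects unknown flag bits itself and depends on its caller having done so. Consider a comment above ext4_getfsmap() stating that head->fmh_iflags must already be validated against FMH_IF_VALID, or keep the two-line check here, since it is cheap and still protects any caller that does not go through ext4_ioc_getfsmap().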
diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c
index 2b412f1cbc10..77b0198a0f48 100644
--- a/fs/ext4/ioctl.c
+++ b/fs/ext4/ioctl.c
@@ -873,6 +873,8 @@ static int ext4_ioc_getfsmap(struct super_block *sb,

if (copy_from_user(&head, arg, sizeof(struct fsmap_head)))
return -EFAULT;
+ if (head.fmh_iflags & ~FMH_IF_VALID)
+ return -EINVAL;
if (memchr_inv(head.fmh_reserved, 0, sizeof(head.fmh_reserved)) ||
memchr_inv(head.fmh_keys[0].fmr_reserved, 0,
sizeof(head.fmh_keys[0].fmr_reserved)) ||
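Review bot: the new `head.fmh_iflags & ~FMH_IF_VALID` test after copy_from_user() matches the removed one only as long as xhead.fmh_iflags is filled from head.fmh_iflags without modification. The commit message states that, but a one-line comment at this check would keep a later change to that copy from silently bypassing validation. Testing the kernel copy in `head` rather than `arg` is the right choice, since the value cannot change after the check. If the memchr_inv() condition that follows also returns -EINVAL, the flags test could be folded into it so that all header validation sits in one place.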
--
2.40.0.rc1.284.g88254d51c5-goog