On Tue, Aug 20, 2024 at 08:08:38PM +0800, Edward Adam Davis wrote:
When the i_size of dir is too large, it will cause limit to overflow and
be less than de_buf, ultimately resulting in last_de not being initialized
and causing a UAF issue.
+ if (i_size_read(dir) > OCFS2_MAX_BLOCKSIZE)
+ return -EINVAL;
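Review bot: The condition `if (i_size_read(dir) > OCFS2_MAX_BLOCKSIZE)` compares the whole directory's i_size against a block-size constant, so any directory whose i_size exceeds that constant gets -EINVAL, whether or not limit would actually overflow for it. The commit message places the fault in limit overflowing and ending up below de_buf, which leaves last_de uninitialized. A narrower fix would validate limit against de_buf where limit is computed, or make sure last_de is initialized before it is used. The commit message should also say which i_size values trigger the overflow and why OCFS2_MAX_BLOCKSIZE is the right bound.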
Surely directories can be more than one block in size?