[PATCH] jffs2: Fix rtime decompressor
From: Richard Weinberger
Date: Tue Dec 03 2024 - 06:45:09 EST
The fix for a memory corruption contained a off-by-one error and
caused the compressor to fail in legit cases.
Cc: Kinsey Moore <kinsey.moore@xxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Fixes: fe051552f5078 ("jffs2: Prevent rtime decompress memory corruption")
Signed-off-by: Richard Weinberger <richard@xxxxxx>
---
fs/jffs2/compr_rtime.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/jffs2/compr_rtime.c b/fs/jffs2/compr_rtime.c
index 2b9ef713b844a..3bd9d2f3bece2 100644
--- a/fs/jffs2/compr_rtime.c
+++ b/fs/jffs2/compr_rtime.c
@@ -95,7 +95,7 @@ static int jffs2_rtime_decompress(unsigned char *data_in,
positions[value]=outpos;
if (repeat) {
- if ((outpos + repeat) >= destlen) {
+ if ((outpos + repeat) > destlen) {
return 1;
}
if (backoffs + repeat >= outpos) {
--
2.47.0