Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow

From: Mateusz Guzik
Date: Fri Feb 21 2025 - 09:51:50 EST

Next message: Jason Gunthorpe: "Re: [PATCH v2 6/7] iommufd: Implement sw_msi support natively"
Previous message: Sergio Paracuellos: "Re: [PATCH v3 0/6] mips: dts: ralink: update system controller nodes and its consumers"
Next in thread: Kees Cook: "Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Nov 12, 2023 at 07:53:53PM +1000, Ronald Monthero wrote:
> qnx4 dir name length can vary to be of maximum size
> QNX4_NAME_MAX or QNX4_SHORT_NAME_MAX depending on whether
> 'link info' entry is stored and the status byte is set.
> So to avoid buffer overflow check di_fname length
> fetched from (struct qnx4_inode_entry *)
> before use in strlen to avoid buffer overflow.
>

Inspired by removals of reiserfs and sysv I decided to try to whack
qnx4.

This here is the only qnx4-specific change made to the fs in years.

Are you using the filesystem? Perhaps you just playing around fuzzing
and that's how you got there instead?

Next message: Jason Gunthorpe: "Re: [PATCH v2 6/7] iommufd: Implement sw_msi support natively"
Previous message: Sergio Paracuellos: "Re: [PATCH v3 0/6] mips: dts: ralink: update system controller nodes and its consumers"
Next in thread: Kees Cook: "Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]