Re: [PATCH v5] hfsplus: fix uninit-value by validating catalog record size

Next message: Jaegeuk Kim: "Re: [f2fs-dev] [PATCH] f2fs: fix to prevent clearing immutable for large folio supported inode"
Previous message: Sanjay Chitroda: "Re: [PATCH] mm/slub: drop duplicate kernel-doc for ksize()"
In reply to: Viacheslav Dubeyko: "Re: [PATCH v5] hfsplus: fix uninit-value by validating catalog record size"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Deepanshu Kartikey

Date: Mon Feb 23 2026 - 22:53:10 EST

On Tue, Feb 24, 2026 at 12:28 AM Viacheslav Dubeyko
<Slava.Dubeyko@xxxxxxx> wrote:
>

> > + case HFSPLUS_FILE_THREAD:
> > + /* Ensure we have at least the fixed fields before reading nodeName.length */
> > + if (fd->entrylength < offsetof(struct hfsplus_cat_thread, nodeName) +
> > + offsetof(struct hfsplus_unistr, unicode)) {
> > + pr_err("thread record too short (got %u)\n", fd->entrylength);
> > + return -EIO;
> > + }

The check is in the HFSPLUS_FOLDER_THREAD/HFSPLUS_FILE_THREAD case in
hfsplus_brec_read_cat() function (fs/hfsplus/bfind.c):

This validates that we have at least the minimum bytes needed before
calling hfsplus_cat_thread_size() which reads nodeName.length.