ext4: ignore e_value_offs for xattrs with value-in-ea-inode

In other places in fs/ext4/xattr.c, if e_value_inum is non-zero, the code ignores the value in e_value_offs. The e_value_offs *should* be zero, but we shouldn't depend upon it, since it might not be true in a corrupted/fuzzed file system. Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=202897 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=202877 Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@kernel.org
2019-04-10 00:37:36 -04:00 · 2019-04-10 00:37:36 -04:00 · e5d01196c0
parent 345c0dbf3a
commit e5d01196c0
1 changed files with 1 additions and 1 deletions
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@ -1696,7 +1696,7 @@ static int ext4_xattr_set_entry(struct ext4_xattr_info *i,

 	/* No failures allowed past this point. */

-	if (!s->not_found && here->e_value_size && here->e_value_offs) {
+	if (!s->not_found && here->e_value_size && !here->e_value_inum) {
 		/* Remove the old value. */
 		void *first_val = s->base + min_offs;
 		size_t offs = le16_to_cpu(here->e_value_offs);