fs/filesystems: Fix potential unsigned integer underflow in fs_name()

[ Upstream commit 1363c134ade81e425873b410566e957fecebb261 ]

fs_name() has @index as unsigned int, so there is underflow risk for
operation '@index--'.

Fix by breaking the for loop when '@index == 0' which is also more proper
than '@index <= 0' for unsigned integer comparison.

Signed-off-by: Zijun Hu <quic_zijuhu@quicinc.com>
Link: https://lore.kernel.org/20250410-fix_fs-v1-1-7c14ccc8ebaa@quicinc.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Zijun Hu 2025-04-10 19:45:27 +08:00 committed by Greg Kroah-Hartman
parent 0383b25488
commit 84ead78a3c


@ -156,15 +156,19 @@ static int fs_index(const char __user * __name)
static int fs_name(unsigned int index, char __user * buf)
{
struct file_system_type * tmp;
int len, res;
int len, res = -EINVAL;
read_lock(&file_systems_lock);
for (tmp = file_systems; tmp; tmp = tmp->next, index--)
if (index <= 0 && try_module_get(tmp->owner))
for (tmp = file_systems; tmp; tmp = tmp->next, index--) {
if (index == 0) {
if (try_module_get(tmp->owner))
res = 0;
break;
}
}
read_unlock(&file_systems_lock);
if (!tmp)
return -EINVAL;
if (res)
return res;
/* OK, we got the reference, so we can safely block */
len = strlen(tmp->name) + 1;
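Review bot: After this change the loop can exit with `tmp` non-NULL but no module reference held, because the `break` at `index == 0` is taken even when `try_module_get(tmp->owner)` fails. The only thing keeping the later `strlen(tmp->name)` off an unpinned entry is the new `if (res)` check, and that invariant is not documented. I would add a comment above that check, for example `/* res == 0 only if try_module_get() succeeded; tmp may be non-NULL here without a reference, so never test tmp instead */`, so a later cleanup does not restore the old `if (!tmp)` guard. The description could also say that the unsigned decrement wraps rather than underflows. The old loop appears to have still ended in `-EINVAL` in that case, so this looks like a readability fix rather than a behaviour change. The body of fs_name() continues past the end of this hunk.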