git.maquefel.me Git - linux.git/commit

author	Yuezhang Mo <Yuezhang.Mo@sony.com>
	Thu, 20 Oct 2022 06:27:37 +0000 (14:27 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 10 Mar 2023 08:39:57 +0000 (09:39 +0100)
commit	0d3902cbcf80e50742a1bb7066668386a7284536
tree	1d2dfaecab55bb709e4d63b821ed007597ba3812	tree \| snapshot
parent	05103d88482dc3757db108415342fdd86821a79b	commit \| diff

exfat: fix reporting fs error when reading dir beyond EOF

commit 706fdcac002316893434d753be8cfb549fe1d40d upstream.

Since seekdir() does not check whether the position is valid, the
position may exceed the size of the directory. We found that for
a directory with discontinuous clusters, if the position exceeds
the size of the directory and the excess size is greater than or
equal to the cluster size, exfat_readdir() will return -EIO,
causing a file system error and making the file system unavailable.

Reproduce this bug by:

seekdir(dir, dir_size + cluster_size);
dirent = readdir(dir);

The following log will be printed if mount with 'errors=remount-ro'.

[11166.712896] exFAT-fs (sdb1): error, invalid access to FAT (entry 0xffffffff)
[11166.712905] exFAT-fs (sdb1): Filesystem has been set read-only

Fixes: 1e5654de0f51 ("exfat: handle wrong stream entry size in exfat_readdir()")
Cc: stable@vger.kernel.org # v5.7+
Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com>
Reviewed-by: Andy Wu <Andy.Wu@sony.com>
Reviewed-by: Aoyama Wataru <wataru.aoyama@sony.com>
Reviewed-by: Sungjong Seo <sj1557.seo@samsung.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>