fs/ntfs3: Restore overflow checking for attr size in mi_enum_attr

Fixed comment.
Removed explicit initialization for INDEX_ROOT.

Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>

diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c
index 8718df791a5545c92b841a38f77fcfd63c7f3c2e..9fefeac5fe7e45fafc8d0ed15628608e77ab6c4c 100644 (file)
--- a/fs/ntfs3/index.c
+++ b/fs/ntfs3/index.c
@@ -994,7 +994,7 @@ struct INDEX_ROOT *indx_get_root(struct ntfs_index *indx, struct ntfs_inode *ni,
        struct ATTR_LIST_ENTRY *le = NULL;
        struct ATTRIB *a;
        const struct INDEX_NAMES *in = &s_index_names[indx->type];
-       struct INDEX_ROOT *root = NULL;
+       struct INDEX_ROOT *root;
 
        a = ni_find_attr(ni, NULL, &le, ATTR_ROOT, in->name, in->name_len, NULL,
                         mi);
@@ -1007,8 +1007,9 @@ struct INDEX_ROOT *indx_get_root(struct ntfs_index *indx, struct ntfs_inode *ni,
        root = resident_data_ex(a, sizeof(struct INDEX_ROOT));
 
        /* length check */
-       if (root && offsetof(struct INDEX_ROOT, ihdr) + le32_to_cpu(root->ihdr.used) >
-                       le32_to_cpu(a->res.data_size)) {
+       if (root &&
+           offsetof(struct INDEX_ROOT, ihdr) + le32_to_cpu(root->ihdr.used) >
+                   le32_to_cpu(a->res.data_size)) {
                return NULL;
        }
 

diff --git a/fs/ntfs3/record.c b/fs/ntfs3/record.c
index abfe004774c03e577450fa49341ccecd2dc7cb09..0603169ee8a08fa0d0910b65add79aa2a3a12e59 100644 (file)
--- a/fs/ntfs3/record.c
+++ b/fs/ntfs3/record.c
@@ -220,6 +220,11 @@ struct ATTRIB *mi_enum_attr(struct mft_inode *mi, struct ATTRIB *attr)
                        return NULL;
                }
 
+               if (off + asize < off) {
+                       /* Overflow check. */
+                       return NULL;
+               }
+
                attr = Add2Ptr(attr, asize);
                off += asize;
        }

diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c
index 0967035146cefbce25250ab6f5658676917a2a97..19d0889b131fac69341981b7a73e5955b8ebc176 100644 (file)
--- a/fs/ntfs3/super.c
+++ b/fs/ntfs3/super.c
@@ -1187,7 +1187,7 @@ static int ntfs_fill_super(struct super_block *sb, struct fs_context *fc)
 
        /*
         * Typical $AttrDef contains up to 20 entries.
-        * Check for extremely large size.
+        * Check for extremely large/small size.
         */
        if (inode->i_size < sizeof(struct ATTR_DEF_ENTRY) ||
            inode->i_size > 100 * sizeof(struct ATTR_DEF_ENTRY)) {