From: Konstantin Komarov Date: Thu, 29 Dec 2022 11:50:41 +0000 (+0400) Subject: fs/ntfs3: Improved checking of attribute's name length X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=0addfb1c2281b5ca2ac02e7dbf6f5a7dbfbc71b9;p=linux.git fs/ntfs3: Improved checking of attribute's name length Added comment, added null pointer checking. Signed-off-by: Konstantin Komarov
---
diff --git a/fs/ntfs3/inode.c b/fs/ntfs3/inode.c
index 059f288784580..3d2e4c1270e49 100644
--- a/fs/ntfs3/inode.c
+++ b/fs/ntfs3/inode.c
@@ -137,7 +137,13 @@ next_attr:
 rsize = attr->non_res ? 0 : le32_to_cpu(attr->res.data_size);
 asize = le32_to_cpu(attr->size);
- if (le16_to_cpu(attr->name_off) + attr->name_len > asize)
+ /*
+ * Really this check was done in 'ni_enum_attr_ex' -> ... 'mi_enum_attr'.
+ * There not critical to check this case again
+ */
+ if (attr->name_len &&
+ sizeof(short) * attr->name_len + le16_to_cpu(attr->name_off) >
+ asize)
 goto out;
 if (attr->non_res) {
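Review bot: With `attr->name_len == 0` the new condition short-circuits, so the on-disk `attr->name_off` is no longer compared with `asize` at all, whereas the removed check still rejected an out-of-range offset for unnamed attributes. That is harmless only if nothing later forms or reads the name pointer when the length is zero, and the comment's claim that `mi_enum_attr` already validates this cannot be confirmed from the hunk. If the offset should stay bounded, `if (le16_to_cpu(attr->name_off) + sizeof(short) * attr->name_len > asize)` covers both cases. The comment would also read more clearly as `/* name_len counts 16-bit units; recheck that the name bytes fit inside the attribute, although mi_enum_attr is expected to have checked this already */`. The enclosing function starts and ends outside the hunk.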