Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3502535imu; Mon, 7 Jan 2019 04:41:09 -0800 (PST) X-Google-Smtp-Source: AFSGD/UZi9ZIpP9ITcvw6JxOFeZo54M9wR2jkoegb8JHO5UKROa7aTBheml7l03HFsEl73NLIsrE X-Received: by 2002:a62:444b:: with SMTP id r72mr63892680pfa.184.1546864869747; Mon, 07 Jan 2019 04:41:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546864869; cv=none; d=google.com; s=arc-20160816; b=GHSRmN0Pv40ag28j/0eGtg/eCwz8Jngir8D3whHTo0Ie3KUdV/NfZggjJqYYFY0K4r RGnv2E6tlloBvDmG8C1dTTsG6DlMGWWjsJPbfHk0x5sh53jEAIc96IwKPekGyAcH7z0j zYC5ES4ydAaVlE6szbYml2AVrYJxuG5FwYirsOFZUEZv7sEPHkmH8mS8LrZJ1NhzY7oa XPfjE0I4S2JVDDGlTOYnyhwDMVO0UOm0ZQENmskiZZg5XPl8QHTuDjthhowvY5Y9JDop L7EwV3nHdbpHLc9ZN2oVUixbFCtSDJSXcTybp0tCnybHCfx0ld4D6zVe47/i7FhzS8Gd WRIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=VAttkiL6lpqPrZXp0yIb3D1PYCvrgAAhgS4DkNYm+h8=; b=YT1F/e4yed6NI7UATUS+ycaDDyF0lY/nsWfEBIu7c98MmWsQTqO8Y0R8gX+jyX359H 8tcrJEFdND8UvNQXRNQmRqli9UmfSn4XWEbxMSZBqQ/zuESfWxSLIUr81L+mEH+JrV5S qDzpr7u+RmBkK2Eu+tpjaqAll2C80RfkuIOq2qCgUlElLJrL4pHBYr5vXzUapVC28nuL mdGUoeYI6uC3PpZOQ2EHb9qFMQfk82AbtwC8kdZIQaEe1cNJtzhFAOxa7KKBxvTmFY9e XtzfBTGWYADAC2UOOJ38jVQCCBdZQVm3vYSchobFrxt2hc/fTakvkPuHi3NOs8s6dgi+ MXGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="exoLL/v+"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t10si1602876pgn.551.2019.01.07.04.40.54; Mon, 07 Jan 2019 04:41:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="exoLL/v+"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727998AbfAGMjG (ORCPT + 99 others); Mon, 7 Jan 2019 07:39:06 -0500 Received: from mail.kernel.org ([198.145.29.99]:54226 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727318AbfAGMjE (ORCPT ); Mon, 7 Jan 2019 07:39:04 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 9498C20859; Mon, 7 Jan 2019 12:39:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1546864744; bh=F3SBEAkPlgMToHQt0dFg4pAwKDctQyQOkHOQ1Ng4sek=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=exoLL/v+ZJw8CBvEkT1urr0Isl1eIpMJjSB+i1QYLBmN+ldsAC30atG/gDeCzk5GF 2XcVoEek1RAs1+5mnw5ZjlSLI1Z8e14s3B9qoaTtWpXqdr2Oi6HubIQb1zErGKdbsK 1O5XRb60+yKYnK5/sdsD2i74PVxnD50Uxo+IpWh0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Steve Graham , Theodore Tso , stable@kernel.org Subject: [PATCH 4.20 076/145] ext4: include terminating u32 in size of xattr entries when expanding inodes Date: Mon, 7 Jan 2019 13:31:53 +0100 Message-Id: <20190107104447.218124725@linuxfoundation.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190107104437.308206189@linuxfoundation.org> References: <20190107104437.308206189@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.20-stable review patch. If anyone has any objections, please let me know. ------------------ From: Theodore Ts'o commit a805622a757b6d7f65def4141d29317d8e37b8a1 upstream. In ext4_expand_extra_isize_ea(), we calculate the total size of the xattr header, plus the xattr entries so we know how much of the beginning part of the xattrs to move when expanding the inode extra size. We need to include the terminating u32 at the end of the xattr entries, or else if there is uninitialized, non-zero bytes after the xattr entries and before the xattr values, the list of xattr entries won't be properly terminated. Reported-by: Steve Graham Signed-off-by: Theodore Ts'o Cc: stable@kernel.org Signed-off-by: Greg Kroah-Hartman --- fs/ext4/xattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2721,7 +2721,7 @@ retry: base = IFIRST(header); end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size; min_offs = end - base; - total_ino = sizeof(struct ext4_xattr_ibody_header); + total_ino = sizeof(struct ext4_xattr_ibody_header) + sizeof(u32); error = xattr_check_inode(inode, header, end); if (error)