Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2284739ybv; Fri, 14 Feb 2020 15:30:10 -0800 (PST) X-Google-Smtp-Source: APXvYqz03BAa87KMM6b5xYBcmGiMdZVA9IvTXrDEEqKrqgNw8ka1csTZKfvNpfy6KdLjEPe4RmBS X-Received: by 2002:a05:6808:3b2:: with SMTP id n18mr3422970oie.146.1581723010265; Fri, 14 Feb 2020 15:30:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581723010; cv=none; d=google.com; s=arc-20160816; b=vyrofsITaoEYoDB1x6eKsO4HoTSHgRtj8Y112TIoMEjCix1hKhxvKCMbZ5vOgYeULi zthRxJIq+sD/MzzoDUVaqbNlvYqVnEznE+1DX1zh6RjTZ4i6Bs/CLNQZOWfwaHJtPRTt oidvKzpk9ZCYiKn3fKrHz8PUhCSQQDyJvQgCWk++EI7NJ2Z/CIFsHTWGnsmIRIxXho9U ZIi/0Xs2fYreGBbXIsPk0BFtZIOeMmJ4lguTIRWmTcEu8p1EyzsXZMAJHB7HfDwr78EA S1n9Ju7ITQ0dS0Ne1wzisOYa5Kzvo1Sc/sBJTM8Qe5clftG6iVIY2OkcjHWjdV7Ny2JY gmBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:content-transfer-encoding :mime-version:subject:cc:to:from; bh=vINktuQgp+PRYkidQo2UTOSF0ZZjvGjPM2QLr9Gqgms=; b=rlYaB/ANJnFrgLaK21ZkNQEFB2ftmyFgApdJAoTkmOYrehGG3tROqzMKC2ShsIQBOt /zijJzZKMSsAXGG9ckypMJmoFq18V/6d2qvZcEhtol5ND1cLQtNnIMIftr+j+7Er4a4O xDe68ChqgqMNHwm8KGNUdsMLWs6SQzNMQy8mivY/7RKBPQN0/95q76bDSGwnlfu0Kx7o 4hdhoZICTwcUixIG7ioOhv9LtQw2UK6aarOBRmJvRKe4WjA6hBo07eDgagWWZE+2rOcp RPB3movn+9CBxltIRrMztv2Oi64Kli0ZnMyyZEPXy3vnHNtxc4Q8E0caTNuCpCHxtc+G YH0A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=vt.edu Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x20si3439166oix.155.2020.02.14.15.29.57; Fri, 14 Feb 2020 15:30:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=vt.edu Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728388AbgBNX2u (ORCPT + 99 others); Fri, 14 Feb 2020 18:28:50 -0500 Received: from outbound.smtp.vt.edu ([198.82.183.121]:43014 "EHLO omr2.cc.vt.edu" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728143AbgBNX2u (ORCPT ); Fri, 14 Feb 2020 18:28:50 -0500 Received: from mr4.cc.vt.edu (mr4.cc.vt.edu [IPv6:2607:b400:92:8300:0:7b:e2b1:6a29]) by omr2.cc.vt.edu (8.14.4/8.14.4) with ESMTP id 01ENSnGA026543 for ; Fri, 14 Feb 2020 18:28:49 -0500 Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by mr4.cc.vt.edu (8.14.7/8.14.7) with ESMTP id 01ENSh4E019961 for ; Fri, 14 Feb 2020 18:28:49 -0500 Received: by mail-qt1-f198.google.com with SMTP id l25so6982783qtu.0 for ; Fri, 14 Feb 2020 15:28:49 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:mime-version :content-transfer-encoding:date:message-id; bh=vINktuQgp+PRYkidQo2UTOSF0ZZjvGjPM2QLr9Gqgms=; b=IVpGuJhnGay7oAvfJDLesGlabRxZBv9rQ9VVTQtFRPZwtD8h6jbNxsZAziYa8nmDxg omkfBfknyr0TLigZX7VOsVaHgRyzH7IuVgldEUMBcExx+88ShdzX2IWo814Op13j+Tzm 1gKf5vOwK8JzfqHquPmxqsnbOA4w+PQxJ1q6Egw0TNOn+yDzpzRsuH9rMRuLmYs5baUq upxZq/F/36U0BhtBKZJt9IhyQqAHb5t1EydHRw4mTUG6dlnUoIApWIuqsANTTCPGyN7w WPY4aUiFB95sY3/B2yUNjcLbQydMBeunWwYkesPSR7haGTZTB9V3QNsppOdBbmSIsCRG LplQ== X-Gm-Message-State: APjAAAWmaCIcSZyBXz047zRqO86ccOXdFTHkN80syrTXAlNhO9bmkSED r4UI3qcM+ivmveElPwu053hk8KR1/iLXe7zbm6lKkQTF5LKNLKecfQWivZNckTs0IDQkjlYg9un oEyCK1IZ3IvQ7Dk/56d6nK63fugrTjX+D974= X-Received: by 2002:ac8:7b9a:: with SMTP id p26mr4569752qtu.281.1581722923726; Fri, 14 Feb 2020 15:28:43 -0800 (PST) X-Received: by 2002:ac8:7b9a:: with SMTP id p26mr4569744qtu.281.1581722923426; Fri, 14 Feb 2020 15:28:43 -0800 (PST) Received: from turing-police ([2601:5c0:c001:c9e1::359]) by smtp.gmail.com with ESMTPSA id b7sm4211541qtj.78.2020.02.14.15.28.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Feb 2020 15:28:42 -0800 (PST) From: "Valdis =?utf-8?Q?Kl=c4=93tnieks?=" X-Google-Original-From: "Valdis =?utf-8?Q?Kl=c4=93tnieks?=" X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7+dev To: Namjae Jeon , Sasha Levin Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, gregkh@linuxfoundation.org, hch@lst.de, sj1557.seo@samsung.com, pali.rohar@gmail.com, arnd@arndb.de, namjae.jeon@samsung.com, viro@zeniv.linux.org.uk Subject: [PATCH] exfat: tighten down num_fats check Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1581722921_27211P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Fri, 14 Feb 2020 18:28:41 -0500 Message-ID: <89603.1581722921@turing-police> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --==_Exmh_1581722921_27211P Content-Type: text/plain; charset=us-ascii Change the test for num_fats from != 0 to a check for specifically 1. Although it's theoretically possible that num_fats == 2 for a TexFAT volume (or an implementation that doesn't do the full TexFAT but does support 2 FAT tables), the rest of the code doesn't currently DTRT if it's 2 (in particular, not handling the case of ActiveFat pointing at the second FAT area), so we'll disallow that as well, as well as dealing with corrupted images that have a trash non-zero value. Signed-off-by: Valdis Kletnieks --- a/fs/exfat/super.c 2020-02-14 17:45:02.262274632 -0500 +++ b/fs/exfat/super.c 2020-02-14 17:46:37.200343723 -0500 @@ -450,7 +450,7 @@ static int __exfat_fill_super(struct sup } p_bpb = (struct pbr64 *)p_pbr; - if (!p_bpb->bsx.num_fats) { + if (p_bpb->bsx.num_fats != 1) { exfat_msg(sb, KERN_ERR, "bogus number of FAT structure"); ret = -EINVAL; goto free_bh; --==_Exmh_1581722921_27211P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Comment: Exmh version 2.9.0 11/07/2018 iQIVAwUBXkctKAdmEQWDXROgAQKUcg//SK4Oh8O9nWTtwhEQehIvDaoVWDePrXvW 3qpFT3YIwUe0xYR6Hv9rHItrsnBxmLukieAcL3TWQPLAQEryrUf1TStLJiGNssLw lYZWnTQKrttQ2DA0QBf51WPHjvY0kvtoLihQzI7hdd6lKPQnd2kJ2DmM1r+eG2J5 HQExoCOYpsCQEjiCqBg0YUGB7po3Om0ZTNJWGjy9G79KdVBmtYJ07Qvv06UpBLiR gW8h7uAkqMRU5oBohd3Wm1MQaaLfp50hDqQ4StHEYgngd88e3rtXt2Q2TN9mqEyH AB0c0ruN8hDN3wuydo2iewV2K8oaPaxuG3X+9WY//1qOlE3BU1LB6lULx4Q9Ui1X Du/TIM/fotPOMX+TKqZuMwz334a5qVNfbnLQ76bpoTxAMPuvyJi3k4GfvRFWIDCQ GYZzj1TCY/aqgucLH/X7Se4FIdBhVKZaoWWiN0isQQ5kokBEFM3+ZGMbIRvxRcU2 XYZ4S8rPyoGytX6WLimzqVOJvNhfZCio7VTJq1JACNbgGIzc1dbqQkI4vW4NtmUe 0Y8LOviFu4FA/VomTIiK8AMKByWuCUrRqX2FtKZR6mLxm7fp8wOms6G7jW490MBW zoi2IpFFgMRVjoSpX+uDbs7OpJSrrI3Alr6GBgqdq4anSpRhNNQz0o3abBVm4XTz 6FK4oOHqZ28= =Tcix -----END PGP SIGNATURE----- --==_Exmh_1581722921_27211P--