Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp4368251ybv; Tue, 25 Feb 2020 18:47:05 -0800 (PST) X-Google-Smtp-Source: APXvYqwBMkF9dXTy/f6No2c1DhWvdKwZfNOJkWuo61fHSnVW7QlidUkTNtne6zWz10LStB/qxvgF X-Received: by 2002:aca:b588:: with SMTP id e130mr1505301oif.176.1582685224939; Tue, 25 Feb 2020 18:47:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582685224; cv=none; d=google.com; s=arc-20160816; b=ld0v2lXRdSG18gWjaZqpFnJQDakU/n5AbBA1yPpMrOlJ4UaYAQ3ZQO/elIOfReHnze ANGYqsoqzxeG0Zn/F5fEbdB4ea6dnoNPdb3wAbBL78MzKgbW0urlJC4cYsZf3NlDR0qh s9USP250KqKm2QjvjMr3rvL82atfs0vilV5/fufdtV7aqA/CmDsfLCRn8oKqHVw54YAP zNNqUPpu3I7sbHXH8iAbkWW/DAi22oy7RdsZEsZpQjBcosHIdtfBkDutaF5bLZXrYOLJ DhbbYr8UFetptldf+qDDK9GSq7eRDA9by+XRygY0h7jBdPPqEAghBDCOytlp7hbID149 th4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=nYTH306Q2DGHSuU5vtuuPC4VUUkqyqOj/Jvitsp0c4c=; b=tCHZ1aptgI0CXn2+ed5jCsS/+2TPCl7Pn6pOozJpsmiSGAJfqhDkdmD1ldSC34RqD8 RFfanPdFjNPsBM3r9V9hxlXaDm3yfqfyFUPN9wMrMtXLz3PbwvJfRvGzh8O7tWpM2WbL siuSqdMsWgCWcsBlqtPd7k+aU4p/i8fJZYFJfNRvgjidGPEZxiDPuLleeTNrv5KFWdOT /PJQk/wqlmyOG+sEU658Q8au+fYQnqp05X3n0tt3QQH3SBD0wDOgeDig6WpykMDOLV7n nRPxVNqijFYxUdyBXH4+JbTujCccHb2bz5EjojHY5DI38CN3aDhjw4kHuALEDL8ax3dD ugTg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j15si357459oie.15.2020.02.25.18.46.51; Tue, 25 Feb 2020 18:47:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729558AbgBZCpm (ORCPT + 99 others); Tue, 25 Feb 2020 21:45:42 -0500 Received: from szxga03-in.huawei.com ([45.249.212.189]:2593 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728989AbgBZCpl (ORCPT ); Tue, 25 Feb 2020 21:45:41 -0500 Received: from DGGEMM406-HUB.china.huawei.com (unknown [172.30.72.54]) by Forcepoint Email with ESMTP id 04FDB154E2232F5125A5; Wed, 26 Feb 2020 10:45:39 +0800 (CST) Received: from dggeme762-chm.china.huawei.com (10.3.19.108) by DGGEMM406-HUB.china.huawei.com (10.3.20.214) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 26 Feb 2020 10:45:35 +0800 Received: from architecture4 (10.160.196.180) by dggeme762-chm.china.huawei.com (10.3.19.108) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Wed, 26 Feb 2020 10:45:34 +0800 Date: Wed, 26 Feb 2020 10:44:08 +0800 From: Gao Xiang To: Eric Biggers CC: Chao Yu , , Miao Xie , LKML , Lasse Collin Subject: Re: [PATCH 3/3] erofs: handle corrupted images whose decompressed size less than it'd be Message-ID: <20200226024408.GB106025@architecture4> References: <20200226023011.103798-1-gaoxiang25@huawei.com> <20200226023011.103798-3-gaoxiang25@huawei.com> <20200226023458.GB1053@sol.localdomain> <20200226024047.GA106025@architecture4> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <20200226024047.GA106025@architecture4> User-Agent: Mutt/1.9.4 (2018-02-28) X-Originating-IP: [10.160.196.180] X-ClientProxiedBy: dggeme704-chm.china.huawei.com (10.1.199.100) To dggeme762-chm.china.huawei.com (10.3.19.108) X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 26, 2020 at 10:40:47AM +0800, Gao Xiang wrote: > Hi Eric, > > On Tue, Feb 25, 2020 at 06:34:58PM -0800, Eric Biggers wrote: > > On Wed, Feb 26, 2020 at 10:30:11AM +0800, Gao Xiang wrote: > > > As Lasse pointed out, "Looking at fs/erofs/decompress.c, > > > the return value from LZ4_decompress_safe_partial is only > > > checked for negative value to catch errors. ... So if > > > I understood it correctly, if there is bad data whose > > > uncompressed size is much less than it should be, it can > > > leave part of the output buffer untouched and expose the > > > previous data as the file content. " > > > > > > Let's fix it now. > > > > > > Cc: Lasse Collin > > > Signed-off-by: Gao Xiang > > > > Shouldn't fixes like this have a Fixes tag and Cc stable? > > > > - Eric > > Thanks for pointing out. *thumb up* > > I reminded Fixes and Cc tags when I sent out. Yet > I'm not quite sure if these have some other potential > concernes which could cause unexpected behavior for > normal images (It seems impossible but not quite sure.) > > I'd like to leave these two commits for corrupted images > to mainline and our products for a while and manually > backport to stable kernels and send them to stable > mailing list later. I keep these fixes in mind all > the time. ... Maybe I should add "Fixes:" tag in the commit message anyway. Will resend them later. Thanks, Gao Xiang > > Thanks, > Gao Xiang >