Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1002194pxb;
        Thu, 4 Mar 2021 00:09:05 -0800 (PST)
X-Google-Smtp-Source: ABdhPJwWBH/mqV67zrMUZVryDKNRd4aU9f8x1jzILstuy9dSc4mRE2SdynyEd3tiT73yU7Rw9ooA
X-Received: by 2002:aa7:d4ca:: with SMTP id t10mr2981263edr.388.1614845345344;
        Thu, 04 Mar 2021 00:09:05 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1614845345; cv=none;
        d=google.com; s=arc-20160816;
        b=ntyTkzhmhX5LDu0UBvT3d/ecYtKPERIP/ySwxJV6bbMZ4o9zmL9sKVVb24fmg1md0e
         xH4NWSlSAv+AFVIzL74zNVAatHUeuXlEB8bnGmxjZAAFXUKOUabCd2tJW/1jeJk55NFn
         TakvU1T6IKsN0WbIP8MwUb9mz2ymJbEcTGCkedvlukPROzQwlUR3CrU3H/BXrbNAK48I
         DqpjUAaE8i+LdH3CLeSXKChXX+U7MU84IdSsdE6quCS50WMMN2qvj9Rs/0wpys2aZXp3
         ZWIDo8DVgTZGW/sbPcJEWyEf94R8PMKjJ2i7pcXATwXIS0j83c+iaOYoWvLI2SwoWqeb
         mOXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:importance:content-transfer-encoding
         :mime-version:subject:references:in-reply-to:message-id:cc:to:from
         :date;
        bh=GxZVgNhNkXm/UYnRy4aJRmkxfWdEagPUu1kvGwxJ9C4=;
        b=zf6ntniG30gASrmvg/GoykiihuDblu17iageYHX9Wx1zdIxXgalE4xGTwWLbgyNFyv
         tF6SarKScdsB4ZJSOh1jJKWT7oP+wx3pWl4s0gqwkqRR812sDJ8t0Wm8CjWFcodLDofA
         aczGEKzgcsalqb4QX50WYkjje1opwHdONT4JmELKEkwXkwI81JuwUiNFqNjz84EFZd1W
         UhUM4fRoyF4p6v9iGpd1hTFcrHUg0RX8xq14mq7cFU7+NiS5FLfQ/zhA3t9a02CUtc2W
         BlraA38oorRHeZ+/SNQoQ7GH5bydFvcisVId3d37B110m5nFwxyMcFoGYqurFpwftX4J
         rGSA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id bq23si10300223ejb.498.2021.03.04.00.08.42;
        Thu, 04 Mar 2021 00:09:05 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1357665AbhCCLXl (ORCPT <rfc822;luxiaolong211@gmail.com>
        + 99 others); Wed, 3 Mar 2021 06:23:41 -0500
Received: from outbound-gw.openxchange.ahost.me ([94.136.40.163]:48032 "EHLO
        outbound-gw.openxchange.ahost.me" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S237904AbhCCCKL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 2 Mar 2021 21:10:11 -0500
Received: from localhost ([127.0.0.1] helo=outbound-gw.openxchange.ahost.me)
        by outbound-gw.openxchange.ahost.me with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
        (Exim 4.94)
        (envelope-from <phillip@squashfs.org.uk>)
        id 1lHFqc-0003v1-QL; Wed, 03 Mar 2021 00:58:42 +0000
Date:   Wed, 3 Mar 2021 00:58:38 +0000 (GMT)
From:   Phillip Lougher <phillip@squashfs.org.uk>
To:     Andrew Morton <akpm@linux-foundation.org>
Cc:     "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Message-ID: <2145953354.2456187.1614733122707@webmail.123-reg.co.uk>
In-Reply-To: <20210302163440.730a51442f9ce87d728c9ffd@linux-foundation.org>
References: <2069685113.2081245.1614583677427@webmail.123-reg.co.uk>
 <20210302163440.730a51442f9ce87d728c9ffd@linux-foundation.org>
Subject: Re: [PATCH] Squashfs: fix xattr id and id lookup sanity checks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.3-Rev22
X-Originating-IP: 82.69.79.175
X-Originating-Client: com.openexchange.ox.gui.dhtml
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


> On 03/03/2021 00:34 Andrew Morton <akpm@linux-foundation.org> wrote:
> 
>  
> On Mon, 1 Mar 2021 07:27:57 +0000 (GMT) Phillip Lougher <phillip@squashfs.org.uk> wrote:
> 
> > The checks for maximum metadata block size is
> > missing SQUASHFS_BLOCK_OFFSET (the two byte length
> > count).
> 
> What are the user visible consequences of this bug?

The user will be unable to mount the filesystem, because it will
fail the sanity check.


> 
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
> 
> Fixes: f37aa4c7366e23f ("squashfs: add more sanity checks in id lookup")
> 
> yes?

Yes.

Phillip