mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2024-12-29 09:12:07 +00:00
exfat: fix the infinite loop in __exfat_free_cluster()
In __exfat_free_cluster(), the cluster chain is traversed until the
EOF cluster. If the cluster chain includes a loop due to file system
corruption, the EOF cluster cannot be traversed, resulting in an
infinite loop.
To avoid this infinite loop, this commit changes to only traverse and
free the number of clusters indicated by the file size.
Reported-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=1de5a37cb85a2d536330
Tested-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com
Fixes: 31023864e6
("exfat: add fat entry operations")
Suggested-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com>
Reviewed-by: Sungjong Seo <sj1557.seo@samsung.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
This commit is contained in:
parent
70465acbb0
commit
ffee32cf4b
@ -201,6 +201,8 @@ static int __exfat_free_cluster(struct inode *inode, struct exfat_chain *p_chain
|
||||
|
||||
if (err || n_clu == EXFAT_EOF_CLUSTER)
|
||||
sync = true;
|
||||
else if (num_clusters >= p_chain->size)
|
||||
break;
|
||||
else
|
||||
next_cmap_i =
|
||||
BITMAP_OFFSET_SECTOR_INDEX(sb, CLUSTER_TO_BITMAP_ENT(n_clu));
|
||||
|
Loading…
Reference in New Issue
Block a user